Vulnerability Insights.
Indexed across NVD, CISA KEV, vendor advisories, and other public vulnerability sources. Continuously updated, with CVSS, EPSS, and CWE enrichment.
Loading…Disclosure velocity.
CVEs published, modified, and added to CISA’s Known Exploited Vulnerabilities list across all tracked sources.
Disclosure volume, year by year.
— CVEs were disclosed in —. Annual disclosure volumes have grown markedly over the past decade — the chart below shows the breakdown by severity band.
Which weaknesses keep showing up.
Top 10 CWE categories per year, by frequency of disclosure. Cross-site scripting (CWE-79) consistently lands among the most common weaknesses. Click any year to see the full ranked list.
Severity, across all — CVEs.
Grouped by severity band across the full CVE catalog. Critical and High together account for roughly half the catalog — a baseline reminder that the average disclosed CVE is not low-severity.
10 most recent CVEs.
Newly published vulnerability records, ordered by publication time. CVSS scores arrive after initial disclosure — recent entries may show as unscored until enrichment completes.
Where the numbers come from.
NVD primary feed, CISA KEV catalog, vendor security advisories, and other public vulnerability sources. CVE entries reconciled across sources to a single canonical record.
CVSS for severity (v2, v3.0, v3.1, v4.0 where available), EPSS for exploitation likelihood, CWE mapping for vulnerability classification, and CISA KEV flags for known exploitation.
Records ingest continuously. Initial publications often arrive without CVSS scoring; scores fill in as CNAs and analysts complete enrichment over the following days.
Build on the live corpus through the Vulnerability APIs — CVE search, CVE detail, and the underlying scoring.
Explore more signal.
Domain Insights
400M+ domains tracked across all TLDs. Top TLDs, naming trends, and daily registration volume.
See Domain Insights API · VULNERABILITY SEARCHVulnerability Search API
Query the same 350K+ CVE corpus by vendor, product, severity, EPSS percentile, or any combination. Live data, no snapshot lag.
See API API · CVE DETAILVulnerability Detail API
Full record for any CVE: CVSS scoring across versions, EPSS exploitation likelihood, CWE classification, and CISA KEV flags.
See APIGet this data through the API.
The numbers above are point-in-time snapshots. The underlying CVE corpus is live and queryable through Deepinfo’s Vulnerability APIs — same data, with full enrichment metadata.