Vulnerability and threat intelligence, in one view
Community Tools by ResilientX Security is a live command center for vulnerability and threat intelligence. It pairs 363,818 CVEs — scored by CVSS severity, FIRST.org EPSS exploit prediction and the CISA Known Exploited Vulnerabilities (KEV) catalog — with a continuously-corroborated corpus of threat-intelligence indicators (malicious IPs, domains, URLs and file hashes) aggregated across many independent feeds.
Two intelligence streams
- Vulnerability Intelligence — search and prioritise CVEs by CVSS, EPSS and CISA KEV; browse by vendor, product, CWE and package.
- Threat Intelligence — a live, corroborated corpus of indicators with confidence scoring, multi-source agreement, and ASN/country enrichment.
Free tools
- CVE Explorer — Filter and sort the entire CVE database by severity, CVSS, EPSS exploit prediction, CISA KEV, exploit maturity (PoC → weaponized → active → ransomware), and CISA SSVC.
- Prioritize (bulk CVE lookup) — Paste a list of CVEs or scanner output and get a patch-priority order ranked by EPSS, CISA KEV, EU-exploited, and CVSS — export to CSV.
- Exploited right now — See which vulnerabilities are being exploited in the wild right now — CISA KEV and the ENISA EU database — with an RSS feed.
- Vendor & product browser — Browse known vulnerabilities by vendor and product across the entire NVD corpus.
- CWE weakness browser — Browse CVEs by CWE weakness type — cross-site scripting, SQL injection, out-of-bounds write, and more — each with its most severe known CVEs.
- Package vulnerabilities — Find CVEs affecting an open-source package (npm, PyPI, Go, Maven, and more) and version, with affected ranges from OSV.dev and GitHub Security Advisories.
- CPE → CVE lookup — List every CVE affecting a CPE 2.3 string with full version-range matching.
- Identifier resolver — Resolve any CVE, EUVD, GHSA, or GSD id to its canonical CVE and every cross-referenced alias.
- Threat Intelligence — A live, corroborated corpus of threat indicators (IPs, domains, URLs, file hashes) with confidence scoring, multi-source agreement, and ASN/country pivots.
- Threat-Intel Explorer — Filter and sort indicators of compromise by type, class (malicious / anonymizer / suspicious), confidence, multi-source corroboration, and seen-date.
- CVSS calculator — Score a CVSS v3.1 vector or build one interactively, with a plain-English breakdown of every metric.
- CPE 2.2 ⇄ 2.3 converter — Convert between CPE 2.2 URI and CPE 2.3 formatted-string bindings, in both directions.
- Developer API — A free JSON API over the whole dataset — CVE search & detail, CPE matching, vendor/package browsing, prioritization, and threat-intel — with an OpenAPI spec.
- MCP server — Query this intelligence in natural language from Claude, ChatGPT, Cursor, and other AI assistants over the Model Context Protocol.
About the data & methodology · Developer API