CVE Stalker ingests public vulnerability sources, enriches the data, and presents it in a searchable UI. The collector pulls KEV, MITRE, and GitHub PoC signals, and the web app serves views and APIs. It is more like KEV Stalker than CVE Stalker now, but the goal is to expand beyond KEV data in the future.

Data Flow Diagram

The flow includes KEV, MITRE, GitHub PoC signals, and FIRST EPSS data.

Key Concepts

• KEV: CISA Known Exploited Vulnerabilities catalog.
• MITRE: CVE metadata with CVSS and SSVC fields.
• GitHub PoC: Repositories detected as proof-of-concept exploits.
• FIRST (EPSS): Exploit Prediction Scoring System time series.
• CVE Stalker: Local tracking of published and first-seen dates.

Lifecycle Diagram