The Radar is a live feed of every CVE published in the National Vulnerability Database (NVD), enriched with CISA KEV (Known Exploited Vulnerabilities) flags, EPSS exploit-prediction scores, CVSS severity, and affected vendor/product metadata. It updates continuously as new CVEs are published or scored.

NVD is a raw firehose. Vulnios layers prioritization on top — KEV flags, EPSS percentile, severity, and (for paying customers) cross-referencing against your asset inventory so you only see CVEs that actually affect your environment. The Radar also surfaces CVEs from sources NVD often lags behind, like vendor advisories and curated OSINT.

The public Radar view is free and requires no signup — you can browse the feed, filter by severity, and see KEV / EPSS data for every CVE. Asset matching (showing only the CVEs that affect your specific environment) requires a free account.

New CVEs flow in within minutes of publication to NVD or the upstream source. KEV catalog changes propagate within an hour. EPSS scores refresh daily. The feed shows the timestamp on every entry so you can see how recent the data is.

EPSS — Exploit Prediction Scoring System — is a community-maintained model that estimates the probability a given CVE will be exploited in the wild within 30 days. Combined with KEV (which tracks confirmed in-the-wild exploitation), it lets you prioritize patches by real-world risk rather than CVSS score alone.

Yes. With a Vulnios account, you can configure watchlists by vendor, product, or CVSS threshold. When a new CVE matches, you get an email/Slack/webhook alert with the severity, KEV status, EPSS score, and a remediation path — no scrolling through the firehose required.