
Monitor CVE announcements and automatically notify when a binary/package/library/domain is affected.

Primary LanguagePython


Monitor CVE announcements and automatically notify when a binary/package/library/domain is affected.


How to run cve-raptor?

Download one of the CVE announcements (in CVRF format) from

For example allitems-cvrf.xml(~120MB) contains details of ~85,000 CVEs as of 10 NOV 2015.

Update cvrf_path in cve-prev-date.py to point to the local copy of the downloaded CVRF XML file.

Running MVP build on Ubuntu 15.10:
$ python3 cve-prev-date.py


...and voila...


Also verified to work using python 3.4.3 on Windows 7.

How CVE-Raptor works...

The following is the proposed workflow.
Currently individual functions are being implemented.
A MVP that supports phases 2, 3 & 4 is available as cve-prev-date.py.

  1. Fetches the CVRF header and checks whether the timestamp is newer than the previous run when it was fetched.

  2. If the header indicates that a newer CVRF is available, then the entire CVRF is fetched and a copy is saved locally.

  3. The local copy of the latest CVRF is then parsed for all published/modified vulnerabilities(CVEs) since the previous run.

  4. Results are displayed immediately on the console.

  5. Optionally specific keyword(s) related to a binary/library/package/domain can be searched for in the newly published/modified CVEs. Upon finding a match, notifications can be triggerred to the respective user(s) for example via email.

Why "Raptor" ?

Raptors are famous for their

  • excellent eyesight for finding food,
  • strong feet for holding food,
  • and a strong curved beak for tearing flesh.

CVE-raptor hopes to demonstrate similar agility in

  • quickly searching,
  • filtering,
  • and identifying CVEs of interest from public database(s).


Contents licensed under Creative Commons Attribution-ShareAlike CC BY-SA.

Feel free to report a bug or feature request.

For changes/fixes/enhancements, send in a pull-request. For more details contact me here.