Versão 20.0.0 (28/03/2026)

• Comprometer-se 187f6

  Funcionalidade
  Overhaul of the URL structure of the whole service. We change from a query string-based approach to a REST-like URL structure.

Versão 19.33.5 (12/03/2026)

• Comprometer-se d4ca2

  Otimização
  Much more efficient handling of all supported languages.

Versão 19.33.4 (11/03/2026)

• Comprometer-se 07d0a

  Otimização
  The titles and breadcrumbs of Knowledge Base entries are optimized for smaller views.

Versão 19.33.3 (10/03/2026)

• Comprometer-se fbfdc

  Otimização
  All columns in CTI views are sortable properly.

Versão 19.33.2 (09/03/2026)

• Comprometer-se 0bf47

  Otimização
  The views for exploits and exploits prices also contain ransomware details.

• Comprometer-se 4ea48

  Otimização
  In the menu The exploit prices view was moved from Theat to Risk.

Versão 19.33.1 (08/03/2026)

• Comprometer-se 89bec

  Otimização
  We send the HTTP response header Content-Signal to define if and how AI-based processing of pages is allowed.

Versão 19.33.0 (02/03/2026)

• Comprometer-se 4b4b0

  Funcionalidade

  Pedido do cliente
  Introduction of the language Klingon.

Versão 19.32.2 (25/02/2026)

• Comprometer-se d51e7

  Otimização
  Charts about different CVSS scoring show the amount of scored vulnerability items in the chart title.

Versão 19.32.1 (23/02/2026)

• Comprometer-se 4919b

  Otimização
  Vulnerability history views indicate commits by submitters in the remark column.

Versão 19.32.0 (22/02/2026)

• Comprometer-se 9a3dd

  Funcionalidade
  All KEV views do indicate whether there is a ransomware to be known for specific vulnerability entries.

• Comprometer-se 22b69

  Otimização
  All HTTP redirects on the web service are faster due to general code optimization.

Versão 19.31.0 (21/02/2026)

• Comprometer-se cd758

  Funcionalidade
  The web searches add CWE as a new column in the search results to provide better accessibility to relevant data.

Versão 19.30.0 (16/02/2026)

• Comprometer-se aff18

  Funcionalidade
  Introduction of the languages Slovenian, Belarusian, and Esperanto.

Versão 19.29.4 (15/02/2026)

• Comprometer-se f6956

  Otimização
  Improved country identification of actors and activities for Cyber Threat Intelligence analysis.

Versão 19.29.3 (13/02/2026)

• Comprometer-se e3dfa

  Correção de erros
  Fixed a very rare issue where CVSSv3 meta scores were not rounded properly.

Versão 19.29.2 (12/02/2026)

• Comprometer-se bcfa9

  Otimização
  Upgrade of server hardware to improve performance.

• Comprometer-se bcfa9

  Otimização
  Upgrade of all software components to the latest version tree.

• Comprometer-se 25d73

  Otimização
  Improved handling of user sessions for better performance and increased security.

Versão 19.29.1 (11/02/2026)

• Comprometer-se d7ed0

  Otimização
  Faster compilation of statistica data.

Versão 19.29.0 (10/02/2026)

• Comprometer-se 77f5d

  Funcionalidade

  Pedido do cliente
  Introduction of the support for CVSSv3 data by CISA as an ADP in different views (e.g. CVSSv3 overview, edit form).

• Comprometer-se d5bc4

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.86 introduction of the ADP CISA CVSSv3 vector and score which is accessible via vulnerability_cvss3_adpcisa_*.

• Comprometer-se e03e8

  Otimização
  CTI overviews show additional statistical data about CTI monitoring.

Versão 19.28.0 (09/02/2026)

• Comprometer-se 5a9b8

  Funcionalidade
  Introduction of the languages Navajo, Inuktitut, and Kalaallisut.

Versão 19.27.3 (08/02/2026)

• Comprometer-se 5d194

  Otimização
  Faster daily compilation of our extended CPE dictonary.

Versão 19.27.2 (06/02/2026)

• Comprometer-se b09d3

  Correção de erros
  Fixed an issue where existing users were not able to login if their username contained a string which is blacklisted for user registration. Thanks to the user pengroot for reporting this issue.

Versão 19.27.1 (04/02/2026)

• Comprometer-se 6a8bd

  Otimização
  Improved the username validator to prevent disallowed usernames during registration.

Versão 19.27.0 (02/02/2026)

• Comprometer-se cb05c

  Funcionalidade
  Introduction of the languages Dzongkha, Marshallese, and Luganda.

Versão 19.26.3 (30/01/2026)

• Comprometer-se bddb1

  Otimização
  Fixed a rare issue where vendor and product links were not aligned regarding case sensitivity.

Versão 19.26.2 (28/01/2026)

• Comprometer-se e80fb

  Otimização
  The recurring generation of the stats page is more efficient and informs concurrent users about the generation process.

Versão 19.26.1 (27/01/2026)

• Comprometer-se 15d2c

  Otimização
  Improved product web site association for vulnerability entries.

Versão 19.26.0 (26/01/2026)

• Comprometer-se 69e6d

  Funcionalidade
  Introduction of the languages Kanuri, Ndonga, Ndebele North, and Ndebele South.

Versão 19.25.3 (25/01/2026)

• Comprometer-se 5d608

  Otimização
  Improvement of country activity analysis accuracy shown in CTI charts.

Versão 19.25.2 (24/01/2026)

• Comprometer-se 90808

  Otimização
  Performance optimizazion of views containing CTI maps.

Versão 19.25.1 (23/01/2026)

• Comprometer-se 11bc9

  Otimização
  Performance optimization for all text generation elements. Especially views with multiple descriptions profit from this.

Versão 19.25.0 (19/01/2026)

• Comprometer-se f7d62

  Funcionalidade
  Introduction of the languages Fijian, Tongan, and Bislama.

Versão 19.24.1 (13/01/2026)

• Comprometer-se 64d9c

  Otimização
  The lookup of CWE identifiers shows the full name of items in diff views and commit items of vulnerability entries.

Versão 19.24.0 (12/01/2026)

• Comprometer-se 64c79

  Funcionalidade
  Introduction of the languages Corsican, Occitan, Catalan, and Galician.

Versão 19.23.0 (05/01/2026)

• Comprometer-se 4c461

  Funcionalidade
  Introduction of the languages Armenian, Kyrgyz, Kashmiri, and Tibetian.

Versão 19.22.2 (04/01/2026)

• Comprometer-se fe3cc

  Otimização
  Public submits are flagged as community content more clearly.

Versão 19.22.1 (03/01/2026)

• Comprometer-se b5b92

  Correção de erros
  Under certain circumstances the CVSSv4 bscores and btscores were not calculated correctly for 3rd party sources.

Versão 19.22.0 (29/12/2025)

• Comprometer-se f8723

  Funcionalidade
  Introduction of the languages Twi, Lingala, Kongo, and Ewe.

Versão 19.21.0 (22/12/2025)

• Comprometer-se 15c9d

  Funcionalidade
  Introduction of the languages Maori, Samoan, and Oromo.

Versão 19.20.4 (20/12/2025)

• Comprometer-se 2887c

  Otimização
  Submitting a new vulnerability will validate the source URL and reject invalid links.

Versão 19.20.3 (19/12/2025)

• Comprometer-se 14e46

  Correção de erros
  The Previous and Next buttons of Vulnerability Relate Views link to the corresponding main entry instead to an identified match.

Versão 19.20.2 (18/12/2025)

• Comprometer-se ecb5d

  Otimização
  Improvement of PURL-based searches to get much better results.

Versão 19.20.1 (17/12/2025)

• Comprometer-se b998e

  Otimização
  The CTI view for vulnerability entries lists associated sources to make further analysis easier.

Versão 19.20.0 (15/12/2025)

• Comprometer-se 86367

  Funcionalidade
  Introduction of the languages Bambara, Wolof, Tswana, Southern Sotho, and Aymara.

Versão 19.19.2 (10/12/2025)

• Comprometer-se e3c8e

  Otimização
  Links to CPE entries of NIST NVD do not accept wilcards for version fields anymore. A workaround makes it possible to guarantee a reliable lookup again.

Versão 19.19.1 (09/12/2025)

• Comprometer-se 7da1f

  Otimização
  Within KEV views the due field links to the KEV entry for easier analysis capabilities.

Versão 19.19.0 (08/12/2025)

• Comprometer-se af904

  Funcionalidade
  Introduction of the languages Kinyarwanda, Kirundi, Chichewa, and Fula.

Versão 19.18.3 (05/12/2025)

• Comprometer-se ba595

  Otimização
  Editing a vulnerability entry will allow to set the field software_notaffectedlist as well.

Versão 19.18.2 (04/12/2025)

• Comprometer-se 1b98e

  Correção de erros

  Pedido do cliente
  The CSRF token handling during settings updates was not working properly.

Versão 19.18.1 (02/12/2025)

• Comprometer-se bbeef

  Otimização
  DB structure improvement of Monoblock to improve performance of vulnerability data queries.

Versão 19.18.0 (01/12/2025)

• Comprometer-se 1e02f

  Funcionalidade
  Introduction of the languages Maltese, Irish, Welsh, Breton, and Manx.

Versão 19.17.3 (30/11/2025)

• Comprometer-se 1f8bc

  Otimização
  The Live View of Commits does now provide time details based on minutes to guarantee better accuracy.

Versão 19.17.2 (28/11/2025)

• Comprometer-se ecc57

  Otimização
  Calculation of broad CTI analysis queries is much faster without losing any accuracy of results.

Versão 19.17.1 (25/11/2025)

• Comprometer-se 92921

  Otimização
  Optimized resource handling of high-performance queries.

Versão 19.17.0 (24/11/2025)

• Comprometer-se e350e

  Funcionalidade
  Introduction of the languages Swiss German, Romansh, Frisian, and Luxembourgish.

Versão 19.16.2 (23/11/2025)

• Comprometer-se a2e0c

  Correção de erros
  Fixed an issue where vulnerability titles contained fragments of foreign languages.

Versão 19.16.1 (18/11/2025)

• Comprometer-se 89c9e

  Otimização
  The language view shows how many languages are supported.

Versão 19.16.0 (17/11/2025)

• Comprometer-se 43466

  Funcionalidade
  Introduction of the languages Kannada, Telugu, and Malayalam.

Versão 19.15.2 (13/11/2025)

• Comprometer-se 8a017

  Otimização
  If a user enables section counts in titles, then empty search results will shown the indicator as well.

Versão 19.15.1 (12/11/2025)

• Comprometer-se d1c54

  Otimização
  Updated the CPE links in vulnerability entries to provide better accessibility to the NIST database.

Versão 19.15.0 (10/11/2025)

• Comprometer-se ee129

  Funcionalidade
  Introduction of the languages Punjabi, Marathi, Tamil, and Gujarati.

Versão 19.14.1 (05/11/2025)

• Comprometer-se 22442

  Correção de erros

  Mudança na API
  In API 3.85 fixed a race condition regarding API credit calculation which happened when an earlier API request had an extended execution time.

Versão 19.14.0 (03/11/2025)

• Comprometer-se ccd7b

  Funcionalidade
  Introduction of the languages Hausa, Shona, Quechua, and Guarani.

Versão 19.13.2 (31/10/2025)

• Comprometer-se 0a1d7

  Correção de erros
  Fixed an issue where embedded YouTube videos were not loaded properly.

Versão 19.13.1 (30/10/2025)

• Comprometer-se 4f637

  Otimização
  Performance improvement of yearly updates views.

Versão 19.13.0 (27/10/2025)

• Comprometer-se 8bc95

  Funcionalidade
  Introduction of the languages Tagalog, Urdu, Benagli, Turkmen, and Haitian.

Versão 19.12.1 (25/10/2025)

• Comprometer-se 42841

  Otimização
  Using intelligent processing order to optimize performance of simple search queries. This improves execution speed of most queries for approx. 30%.

Versão 19.12.0 (20/10/2025)

• Comprometer-se 02c54

  Funcionalidade
  Introduction of the languages Igbo, Yoruba, Somali, Sindhi, and Uzbek.

Versão 19.11.0 (13/10/2025)

• Comprometer-se 29acd

  Funcionalidade
  Introduction of the languages Swahili, Zulu, Xhosa, and Tigrinya.

Versão 19.10.0 (06/10/2025)

• Comprometer-se 55d22

  Funcionalidade
  Introduction of the languages Burmese, Indonesian, Malay, and Amharic.

Versão 19.9.4 (03/10/2025)

• Comprometer-se 2202d

  Otimização
  Current status of submits during processing is available to resposible users only.

Versão 19.9.3 (02/10/2025)

• Comprometer-se 0f974

  Otimização
  CTI activity scores in overview lists announce upcoming data collection few very fresh vulnerability entries.

Versão 19.9.2 (01/10/2025)

• Comprometer-se e47d2

  Otimização

  Mudança na API
  The API endpoint provides better detection and verbose details if there is a problem with the API key (e.g. wrong format, too short).

Versão 19.9.1 (30/09/2025)

• Comprometer-se 165bc

  Otimização
  Performance optimization of all vulnerability views that contain live CTI activity score data.

Versão 19.9.0 (29/09/2025)

• Comprometer-se 22498

  Funcionalidade
  Introduction of the languages Vietnamese, Thai, Laotian, and Khmer.

Versão 19.8.2 (25/09/2025)

• Comprometer-se 72bb1

  Otimização
  Upgraded web server pool to improve performance.

Versão 19.8.1 (24/09/2025)

• Comprometer-se 78515

  Otimização
  Improved identification of similar vulnerability entries.

Versão 19.8.0 (22/09/2025)

• Comprometer-se c061b

  Funcionalidade
  Introduction of the languages Hindi, Nepalese, Singhalese, Pashtu, and Mongolian.

Versão 19.7.1 (17/09/2025)

• Comprometer-se df6ec

  Otimização
  Performance optimization of excessive request handling.

Versão 19.7.0 (15/09/2025)

• Comprometer-se b5296

  Funcionalidade
  Introduction of the languages Greek, Georgian, Kazach, Azerbaijani, and Tajik.

Versão 19.6.0 (08/09/2025)

• Comprometer-se 20594

  Funcionalidade
  Introduction of the languages Hewbrew, Persian, Kurdish, and Uyghur.

Versão 19.5.3 (07/09/2025)

• Comprometer-se 45a22

  Otimização
  Improved the handling of version range declarations in different languages (e.g. "up to" and "prior").

Versão 19.5.2 (03/09/2025)

• Comprometer-se 3c3a1

  Otimização
  Improved case-sensitivity handling of multi-language menu items.

Versão 19.5.1 (02/09/2025)

• Comprometer-se 211a8

  Otimização
  If a vulnerability entry does not list products with the field software_affectedlist but the field source_certbund_products contains useful information, then the vulnerability entry will list those as affected products.

Versão 19.5.0 (31/08/2025)

• Comprometer-se b4b63

  Funcionalidade
  Introduction of the languages Hungarian, Estonian, Latvian, and Lithuanian.

Versão 19.4.3 (29/08/2025)

• Comprometer-se 8b506

  Otimização
  User profiles provide a tooltip for the accepted vulnerability entry of a submit to see the title of the entry.

Versão 19.4.2 (28/08/2025)

• Comprometer-se 42d76

  Otimização
  Performance improvement of application request blocking of very aggressive clients.

Versão 19.4.1 (27/08/2025)

• Comprometer-se 525a3

  Otimização
  Introduction of a new network request limiter to block very aggressive clients.

Versão 19.4.0 (26/08/2025)

• Comprometer-se 74b07

  Funcionalidade
  Introduction of a new application request limiter to block very aggressive clients (e.g. scraping and flooding).

• Comprometer-se 20f37

  Otimização
  Performance improvement of bursting request handling by the web platform.

Versão 19.3.0 (25/08/2025)

• Comprometer-se 938d0

  Funcionalidade
  Introduction of the languages Turkish, Rumanian, Czech, Ukranian, and Bulgarian.

Versão 19.2.0 (20/08/2025)

• Comprometer-se 90b8f

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.84 the introduction of the request types vendorlookup and productlookup to provide a possibility for better product matching.

Versão 19.1.0 (19/08/2025)

• Comprometer-se 8d677

  Funcionalidade
  Introduction of the languages Dutch, Danish, Norwegian, Finnish, and Icelandic.

• Comprometer-se 8a7c1

  Otimização
  View optimization of the language selection on smaller screens.

Versão 19.0.0 (18/08/2025)

• Comprometer-se 3d859

  Funcionalidade
  Total overhaul of the language handling system to improve texts, descriptions, and details of the service. This will introduce the possibility to add new supported languages.

Versão 18.35.3 (17/08/2025)

• Comprometer-se 23052

  Otimização
  Better HTML compression for authenticated users to provide faster, smaller, and more efficient content delivery.

• Comprometer-se db90c

  Otimização
  Improved duplicate detection and handling for vulnerability submits.

Versão 18.35.2 (10/08/2025)

• Comprometer-se 83d65

  Otimização
  Vulnerability titles on narrow views are optimized to discard irrelevant data points.

• Comprometer-se b4a46

  Otimização
  Users are only listed as committers of vulnerability entries and CVE entries if their commits were approved. Unmoderated and rejected commits are not used.

Versão 18.35.1 (09/08/2025)

• Comprometer-se 6c88c

  Otimização
  Data in the CTI view per vulnerability entry is streamlined and provides better loading times.

Versão 18.35.0 (08/08/2025)

• Comprometer-se c9346

  Funcionalidade

  Pedido do cliente
  Vulnerability entries and RSS vulnerability feeds enhance information regarding local and remote exploitability by physical possibilities.

• Comprometer-se 5cd4b

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 2.46/3.83 introduction of the fields exploit_physical, exploit_local, and exploit_remote which indicate theoretical exploit capabilities.

• Comprometer-se c32fc

  Otimização
  Information about local and remote exploitability provide better accuracy.

Versão 18.34.0 (07/08/2025)

• Comprometer-se 2e23f

  Funcionalidade
  Simple search and advanced search provide improved lookups for CERT Bund WID identifiers.

Versão 18.33.0 (06/08/2025)

• Comprometer-se d3b3d

  Funcionalidade

  Pedido do cliente
  Simple search and advanced search provide improved lookups for EUVD identifiers.

Versão 18.32.5 (21/07/2025)

• Comprometer-se f6b40

  Otimização
  Changing credit card information for existing customers announces the requirement for a login to finalize the action.

Versão 18.32.4 (18/07/2025)

• Comprometer-se d5250

  Otimização
  IP address classification better reflects IP address structures and age.

Versão 18.32.3 (17/07/2025)

• Comprometer-se bb891

  Otimização
  Cyber threat intelligence views show count indicators for interest and vulnerabilities.

• Comprometer-se 04b9c

  Otimização

  Pedido do cliente
  Search queries and filters are able to better handle special variants of characters like accents and Umlaute. This guarantees a better search experience with less risk for false-negatives.

Versão 18.32.2 (16/07/2025)

• Comprometer-se cbc9a

  Otimização
  The sub-menu of IP address views links to recent IP adresses instead of recent actors.

Versão 18.32.1 (15/07/2025)

• Comprometer-se 6da2f

  Otimização
  Database structures, dependencies, and index handling was drastically optimized, which improves the performance of many complex queries.

Versão 18.32.0 (14/07/2025)

• Comprometer-se 14073

  Funcionalidade

  Mudança na API
  In API 3.82 introduction of the fields source_certbund_wid, source_certbund_published, source_certbund_title, source_certbund_products, source_certbund_classification, source_certbund_basescore, source_certbund_tempscore, source_certbund_nopatch.

Versão 18.31.7 (13/07/2025)

• Comprometer-se 6eaa5

  Otimização
  Vulnerability entries in other languages provide better translation for certain items.

Versão 18.31.6 (11/07/2025)

• Comprometer-se 7004b

  Otimização
  View optimization of mail alert messages. CVSSv3 was renamed to CVSS and details at the bottom do not deploy an alignment anymore.

Versão 18.31.5 (10/07/2025)

• Comprometer-se 620fb

  Otimização

  Pedido do cliente
  Statistical data for views with old entries were blurried for free users. This limitation is now disabled to provide better possibilities to review the coverage and quality of our data.

Versão 18.31.4 (04/07/2025)

• Comprometer-se f5e98

  Otimização
  In the submit view long descriptions are broken to provide better data accessibility.

Versão 18.31.3 (30/06/2025)

• Comprometer-se 7a489

  Otimização
  In the submit moderation overview long descriptions are broken to provide better accessibility for moderators.

Versão 18.31.2 (28/06/2025)

• Comprometer-se 1745b

  Otimização
  Slightly better loading times for the Live Updates View due to optimized query handling.

Versão 18.31.1 (26/06/2025)

• Comprometer-se c485a

  Correção de erros
  Fixed an issue where CVSSv4 scores by third parties with a value of 0.0 were not shown correctly.

Versão 18.31.0 (19/06/2025)

• Comprometer-se b25df

  Funcionalidade
  Indicator in the site footer shows which data pool is used to serve the user.

Versão 18.30.1 (15/06/2025)

• Comprometer-se 40bd7

  Otimização
  Performance improvement of al My Alert views.

Versão 18.30.0 (14/06/2025)

• Comprometer-se 22b80

  Funcionalidade

  Pedido do cliente
  Complete overhaul of the My Alert overview to provide more data and better accessibility. This includes total, maximum, and average CVSS scores per alert.

• Comprometer-se 01b86

  Funcionalidade

  Pedido do cliente
  My Alert summaries can be shown per month to provide better accessibility to earlier alerts.

Versão 18.29.1 (10/06/2025)

• Comprometer-se da6c0

  Correção de erros
  Fixed an issue where in vulnerability overviews field data for CVSSv2 was wrongfully accessed via cache if the server was under heavy load.

• Comprometer-se da6c0

  Correção de erros
  Fixed an issue where in vulnerability overviews field data for CVSSv2 was wrongfully shown even though commits for it were rejected.

Versão 18.29.0 (07/05/2025)

• Comprometer-se b9127

  Funcionalidade
  Opening a support ticket creates a unique ticket number to make tracking easier.

Versão 18.28.3 (06/06/2025)

• Comprometer-se 17e13

  Otimização
  CVE entries maintained by us as a CVE Numbering Authority (CNA) do also include temporal attributes for all the available CVSS vectors.

Versão 18.28.2 (04/06/2025)

• Comprometer-se f2375

  Otimização
  KEV views do not display the exploitability status anymore, because this is always Attacked anyway.

Versão 18.28.1 (02/06/2025)

• Comprometer-se be29e

  Otimização
  Performance optimization to handle load and access peaks much better.

Versão 18.28.0 (01/06/2025)

• Comprometer-se eeb1a

  Funcionalidade

  Mudança na API
  In API 1.20/2.45/3.81 introduction of the value A (Attacked) for the field exploit_exploitability.

• Comprometer-se 6f71b

  Funcionalidade
  Overview lists of vulnerabilities which display exploitability information do now support the value Attacked to indicate entries which are known for real-word exploiting.

Versão 18.27.0 (19/05/2025)

• Comprometer-se e0463

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.80 introduction of a new CTI API query type iplist_date which allows to fetch a list of IP addresses added on a specific date.

Versão 18.26.1 (14/05/2025)

• Comprometer-se 17f96

  Otimização
  Layout of email notification for password changes optimized.

Versão 18.26.0 (13/05/2025)

• Comprometer-se faa4e

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.79 introduction of the field source_euvd_id to reflect identifiers of the European Union Vulnerability Database.

Versão 18.25.3 (08/05/2025)

• Comprometer-se 8f54a

  Otimização

  Pedido do cliente
  Permabans of weak comments was too aggressive and affected users which did not violate any expectations. This issue was reported by user portal.

Versão 18.25.2 (04/05/2025)

• Comprometer-se a5f89

  Otimização
  Improvement of category and confidence tagging of Indicators of Compromise (IOC).

Versão 18.25.1 (27/04/2025)

• Comprometer-se 613ef

  Otimização
  Improvement of automated spam detection for comment posting of vulnerability entries. Malicious users are automatically temporarily or permanently banned from postig if they violate the terms.

Versão 18.25.0 (26/04/2025)

• Comprometer-se 004c0

  Funcionalidade

  Mudança na API
  In API 3.78 introduction of the fields source_cnvd_id, source_cnvd_submit, source_cnvd_open, source_cnvd_severity, and source_cnvd_title.

Versão 18.24.1 (25/04/2025)

• Comprometer-se 9d0ff

  Otimização

  Pedido do cliente
  The creation of version ranges of affected vulnerabilities does provide a more accurate upper bound value. This improves accuracy of version lists and CPE lists alike.

Versão 18.24.0 (23/04/2025)

• Comprometer-se 93434

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.77 introduction of the virtual fields source_gcve_cve and source_gcve_vuldb to highlight our activity as GCVE Numbering Authority (GNA) for the Global CVE Allocation System (GCVE).

Versão 18.23.1 (22/04/2025)

• Comprometer-se 5e790

  Otimização
  List of comments for vulnerability entries show the title of the entry as the tool tip of the VDB identifier.

• Comprometer-se 5e790

  Otimização
  List of comments for vulnerability entries show the associated CVE in a dedicated column to provide better accessibility.

Versão 18.23.0 (20/04/2025)

• Comprometer-se e6859

  Funcionalidade

  Pedido do cliente
  Dedicated dashboard for Global CVE Allocation System (GCVE) available with most recent entries and their associated mappings.

• Comprometer-se b752b

  Funcionalidade

  Pedido do cliente
  The export section does provide free access to Global CVE Allocation System (GCVE) reference maps.

Versão 18.22.3 (19/04/2025)

• Comprometer-se 3a614

  Otimização
  Hiding unavailble fields of commit details which are not moderated yet.

Versão 18.22.2 (18/04/2025)

• Comprometer-se 5a426

  Otimização
  Vulnerability entries contain the GCVE identifier of CVE (range 0) and VulDB (range 100) if available.

Versão 18.22.1 (17/04/2025)

• Comprometer-se 64514

  Otimização

  Pedido do cliente
  Improvement of the accuracy of the virtual field exploit_exploitability which will assess multiple other fields to determine the most reasonable value.

Versão 18.22.0 (16/04/2025)

• Comprometer-se e0f77

  Funcionalidade
  VulDB has officially become a GCVE Numbering Authority (GNA) for the Global CVE Allocation System (GCVE). Our namespace is 100 and GCVE identifiers are derived from our VDB identifiers. GCVE identifiers are shown in the header and the source section of vulnerability entries.

Versão 18.21.6 (03/04/2025)

• Comprometer-se e3929

  Otimização
  CVSS score handling of new commits in vulnerability entries is more robust.

Versão 18.21.5 (31/03/2025)

• Comprometer-se af45c

  Correção de erros
  The average amount of vulnerability entry updates was not calculated correctly for the statistical overview.

Versão 18.21.4 (30/03/2025)

• Comprometer-se c690a

  Otimização
  Improvement of performance by cleaning up unused code. Especially legacy code that was used for megablock handling.

Versão 18.21.3 (29/03/2025)

• Comprometer-se 96bb8

  Otimização
  Improvement of the view of commit details to provide better data accessibility.

Versão 18.21.2 (28/03/2025)

• Comprometer-se a2393

  Correção de erros
  Mail alerts were sent with the wrong language which has been reverted to being sent always in English.

Versão 18.21.1 (27/03/2025)

• Comprometer-se 750af

  Otimização
  Better weighting of CTI activity scores for older vulnerability entries.

Versão 18.21.0 (25/03/2025)

• Comprometer-se a743b

  Funcionalidade
  Improvement of CTI activity signal handling to better extract highly important entries and to demote older vulnerabilities.

Versão 18.20.4 (20/03/2025)

• Comprometer-se 35505

  Correção de erros
  Fixed an issue in certain CTI views were the amount of references and samples was not displayed correctly.

Versão 18.20.3 (19/03/2025)

• Comprometer-se 5e5ca

  Otimização
  Improvement of translation of the web service to provide a better wording and reflect cultural context in details.

Versão 18.20.2 (12/03/2025)

• Comprometer-se 8b65d

  Otimização
  Improved accessibility of submit moderation to increase performance and quality.

Versão 18.20.1 (11/03/2025)

• Comprometer-se 98de0

  Otimização
  Performance improvements of chart views which do not include timeseries data.

Versão 18.20.0 (10/03/2025)

• Comprometer-se 4a434

  Funcionalidade
  Additional predictive view for Known Exploited Vulnerabilities which includes issues which might get added to the catalogue in the future.

Versão 18.19.1 (09/03/2025)

• Comprometer-se 72ac9

  Otimização
  Optimization of the monoblock database engine to increase performance for certain special queries.

Versão 18.19.0 (05/03/2025)

• Comprometer-se 8ef0d

  Funcionalidade

  Pedido do cliente
  We provide a very accessible view for all recent entries declared as Known Exploited Vulnerabilities by CISA.

Versão 18.18.1 (02/03/2025)

• Comprometer-se adeb6

  Correção de erros
  Fixed an issue where certain CVSSv4 CNA vector values were not stored properly during update processes. This affected updates happening between 2025-02-24 and 2025-03-01. They will be corrected in a later update run.

Versão 18.18.0 (28/02/2025)

• Comprometer-se 391ce

  Funcionalidade
  The form to submit new vulnerabilities informs users about delays due to many open items waiting to be processed in the queue already.

Versão 18.17.3 (27/02/2025)

• Comprometer-se a3a19

  Correção de erros

  Mudança na API
  Fixed an issue where the renewal for an API key did not show a login prompt if an unauthenticated user accessing the feature.

Versão 18.17.2 (24/02/2025)

• Comprometer-se 7b151

  Correção de erros
  Fixed an issue where vulnerability entries without a CVSSv4 impact were not shown correctly in overview lists and detail views.

Versão 18.17.1 (20/02/2025)

• Comprometer-se 61977

  Correção de erros
  Fixed an issue where votes for threads of vulnerability comments were not possible on certain instances.

Versão 18.17.0 (18/02/2025)

• Comprometer-se f2efe

  Funcionalidade

  Pedido do cliente
  We provide a statistical overview of all CWE that are used in our vulnerability database entries.

Versão 18.16.3 (17/02/2025)

• Comprometer-se 9b5d0

  Otimização
  Performance and stability optimization of vulnerability database queries.

Versão 18.16.2 (16/02/2025)

• Comprometer-se d4857

  Otimização
  Vulnerability submissions with weak or wrong disclosure links get much less community points.

Versão 18.16.1 (02/02/2025)

• Comprometer-se 861aa

  Otimização
  Cleaning obsolete code of features like threat intelligence, vulnerability edit handling, worldmap display, and blocklist maintenance.

Versão 18.16.0 (29/01/2025)

• Comprometer-se c9cdb

  Funcionalidade
  List of users with top activities shows number of points per year on average as well.

Versão 18.15.2 (20/01/2025)

• Comprometer-se 10aff

  Correção de erros
  Fixed an issue where complex searches regarding affected versions were not returning all associated results correctly.

Versão 18.15.1 (19/01/2025)

• Comprometer-se 369b1

  Otimização
  Improved handling of version data of Linux Kernel vulnerability entries.

Versão 18.15.0 (16/01/2025)

• Comprometer-se 91aef

  Funcionalidade
  It is possible to review commits live as well to see ongoing and upcoming changes to vulnerability entries.

Versão 18.14.9 (15/01/2025)

• Comprometer-se c4721

  Correção de erros
  Fixed a rare issue where certain extended search queries were not able to collect the necessary vulnerability information.

Versão 18.14.8 (13/01/2025)

• Comprometer-se 92072

  Otimização

  Mudança na API
  In API 2.44/3.76 the ETag header of API responses is compressed to provide better performance.

Versão 18.14.7 (05/01/2025)

• Comprometer-se f402c

  Otimização
  Public vulnerability submits automatically hide real-world IP addresses to prevent any form of privacy leakage.

Versão 18.14.6 (29/12/2024)

• Comprometer-se d5923

  Correção de erros
  Vulnerability entries with open edits were not properly rendered in user profiles.

Versão 18.14.5 (26/12/2024)

• Comprometer-se a077d

  Otimização
  Embargoed vulnerability submits are hidden on smaller screens to provide better visibility for important submits.

Versão 18.14.4 (23/12/2024)

• Comprometer-se 9a559

  Otimização
  Editing a vulnerability entry will show a small tutorial to help new users enriching existing entries.

Versão 18.14.3 (22/12/2024)

• Comprometer-se 60777

  Otimização
  Better value analysis of vulnerability submissions to establish temporary and permanent bans of malicious activities.

Versão 18.14.2 (21/12/2024)

• Comprometer-se dd0d7

  Otimização
  The reference map for Tools also lists Qualys identifiers.

Versão 18.14.1 (20/12/2024)

• Comprometer-se fa758

  Otimização
  Better value analysis of vulnerability commits to establish temporary or permanent bans of malicious activities.

Versão 18.14.0 (19/12/2024)

• Comprometer-se 54d4b

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.75 the CTI API support the new query type sector which shows recent activities targeting specific sectors.

Versão 18.13.0 (16/12/2024)

• Comprometer-se da7dc

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.74 most CTI queries may include targeted software types and sectors.

Versão 18.12.6 (12/12/2024)

• Comprometer-se 13bd3

  Otimização

  Mudança na API
  In API 3.73 requesting CTI queries listing associated countries are now sorted in descending order of activity detection.

Versão 18.12.5 (06/12/2024)

• Comprometer-se 1081d

  Otimização
  Update of most active countries for CTI data is much faster and demands less memory.

Versão 18.12.4 (05/12/2024)

• Comprometer-se 6cc69

  Correção de erros

  Mudança na API

  Pedido do cliente
  In API 3.72 fixed an issue where VulDB CVSSv4 scores with a value of 0.0 were not shown properly. This affected just a few vulnerability entries. Thanks to Ryan Egbert for reporting this issue.

• Comprometer-se 6cc69

  Correção de erros

  Mudança na API

  Pedido do cliente
  In API 3.72 fixed an issue where external CVSSv4 sources did not always contain vulnerability_cvss4_cna_bvector and vulnerability_cvss4_cna_btvector fields. Thanks to Ryan Egbert for reporting this issue.

Versão 18.12.3 (30/11/2024)

• Comprometer-se 7b1be

  Otimização
  Faster and more accurate merge of CPE data provided by NVD with our own CPE data.

Versão 18.12.2 (28/11/2024)

• Comprometer-se 534e8

  Otimização

  Mudança na API
  Optimization of personal views for access history, search history, and API history.

Versão 18.12.1 (25/11/2024)

• Comprometer-se 0bb99

  Otimização
  Improved generation of CSRF tokens to increase complexity of successful CSRF attacks.

Versão 18.12.0 (21/11/2024)

• Comprometer-se 573a5

  Funcionalidade
  Introduction of a new advanced search with additional artificial intelligence capabilities. Queries are much faster and provide better accuracy.

Versão 18.11.0 (19/11/2024)

• Comprometer-se 17636

  Funcionalidade
  Introduction of a new simple search with additional artificial intelligence capabilities. Queries are much faster and provide better accuracy.

Versão 18.10.1 (13/11/2024)

• Comprometer-se 30cde

  Correção de erros
  Fixed an issue where under certain circumstances a listing of affected version numbers was not ordered properly.

Versão 18.10.0 (08/11/2024)

• Comprometer-se b7453

  Funcionalidade

  Pedido do cliente
  Providing a new overview of CTI identifiers and warnings to help to determine emerging threats quickly.

Versão 18.9.7 (06/11/2024)

• Comprometer-se 2c281

  Otimização
  Better duplicate action detection and processing warning during vulnerability moderation.

Versão 18.9.6 (05/11/2024)

• Comprometer-se f5ab6

  Otimização
  Vulnerability entries with merged CPE data originating from NVD respect the different splitting methodologies to prevent data overloading between affected products.

Versão 18.9.5 (04/11/2024)

• Comprometer-se e6800

  Otimização
  Vulnerability relate views show associated CVE identifiers for better analysis capabilities.

• Comprometer-se f1d3f

  Otimização
  Performance optimization of see also data of vulnerability entries.

Versão 18.9.4 (03/11/2024)

• Comprometer-se 3227d

  Otimização
  Repositioning of expiring password information hint in the user menu.

• Comprometer-se f3710

  Otimização
  Performance optimization of complex vulnerability views.

• Comprometer-se f3710

  Otimização
  Performance optimization of CTI actor views.

Versão 18.9.3 (02/11/2024)

• Comprometer-se f135f

  Otimização
  Performance optimization of vulnerability live views.

• Comprometer-se f135f

  Otimização
  Performance optimization of file integrity checks.

Versão 18.9.2 (01/11/2024)

• Comprometer-se ed9c3

  Otimização
  Improved speed of collecting and displaying CTI data in vulnerability entries (requires a CTI license).

Versão 18.9.1 (29/10/2024)

• Comprometer-se 2cee7

  Otimização

  Mudança na API
  In API 3.71 improves the generation of Vulnerability API CTI values enabled with cti=1 drastically.

Versão 18.9.0 (28/10/2024)

• Comprometer-se ce30b

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.70 introduces the Vulnerability API CTI fields cti_activity_ipaddr, cti_ioa_file, cti_ioa_library, cti_ioa_argument, cti_ioa_inputvalue, cti_ioa_pattern, cti_ioa_networkport, cti_ttp_attck, cti_ttp_cwe, and cti_ttp_capec.

Versão 18.8.3 (26/10/2024)

• Comprometer-se c0ee8

  Otimização
  Vulnerability diff views now display up to 5 changes of an entry to provide better analysis possibilities.

Versão 18.8.2 (25/10/2024)

• Comprometer-se 5de35

  Otimização
  Vulnerability diff views always show up to the last 4 changes of an entry, no matter if it was the initial creation or succeeding updates.

Versão 18.8.1 (24/10/2024)

• Comprometer-se fad87

  Otimização
  Improved wording for the temporary authentication of embargoed submits.

• Comprometer-se 20ee8

  Correção de erros
  Fixed an issue where CVSSv2 and CVSSv3 temp scores were updated properly but the underlying vectors were updated delayed. This affected VulDB vectors only.

• Comprometer-se e7432

  Correção de erros

  Mudança na API

  Pedido do cliente
  Fixed a very rare issue where the JSON format of the API did not list versions properly. Thanks to the user bors2908 for reporting this issue.

Versão 18.8.0 (23/10/2024)

• Comprometer-se 8ab0a

  Funcionalidade

  Mudança na API

  Pedido do cliente
  Users are able to rotate their personal API key. This will revoke the existing API key which will then require to deploy the new API key on all clients (e.g. Splunk).

Versão 18.7.1 (22/10/2024)

• Comprometer-se 60c2a

  Correção de erros

  Pedido do cliente
  Fixed a bug where some emails were sent with wrong end-of-line characters.

Versão 18.7.0 (18/10/2024)

• Comprometer-se 4be6a

  Funcionalidade

  Pedido do cliente
  The Cyber Threat Intelligence platform does not provide details about IP addresses. A CTI license is required to get full access.

Versão 18.6.8 (17/10/2024)

• Comprometer-se 05b00

  Otimização
  The statistical view shows additional details about cyber threat intelligence (actor monitoring and exploit identification).

Versão 18.6.7 (14/10/2024)

• Comprometer-se 18e76

  Otimização
  Improvement of vulnerability titles containing complex file name structures.

Versão 18.6.6 (13/10/2024)

• Comprometer-se 950f4

  Correção de erros
  Fixed an issue where certain products were flagged as end of life even though that was not true.

Versão 18.6.5 (12/10/2024)

• Comprometer-se 08e5a

  Correção de erros
  Fixed an issue where CVSSv4 vectors of sources without CVSS-BT data were transponding these fields from the VulDB vector data which could lead to sometimes confusing assignments.

Versão 18.6.4 (11/10/2024)

• Comprometer-se 797c4

  Otimização

  Mudança na API

  Pedido do cliente
  In API 1.19/2.43/3.69 the CSV output format contains additional CVSS scoring fields.

Versão 18.6.3 (09/10/2024)

• Comprometer-se 5ffed

  Otimização
  Within vulnerability diff views all data fields based on unix timestamps show human-readable dates as well.

Versão 18.6.2 (27/09/2024)

• Comprometer-se a7c8a

  Otimização
  Prioritizing Nessus Plugin ID in vulnerability entry headers.

Versão 18.6.1 (23/09/2024)

• Comprometer-se 419a8

  Correção de erros
  Under certain circumstances the calculation of community points was not correct which lead to a decrease in collected points. Thanks to the user guru for reporting this issue.

Versão 18.6.0 (22/09/2024)

• Comprometer-se 45d0d

  Funcionalidade
  Linked certain CTI views to the according knowledge base entries (e.g. actors, countries, events).

Versão 18.5.0 (21/09/2024)

• Comprometer-se c23e4

  Otimização
  Added a symbol to all views that require moderation or administrative permissions.

• Comprometer-se aac87

  Funcionalidade

  Mudança na API
  Added CNA and API details to the CVE sync view which requires CNA or vulnerability moderation permissions.

Versão 18.4.13 (20/09/2024)

• Comprometer-se 5030c

  Otimização
  Highlighted and tagged all main menu items that require moderation or administrative permissions.

• Comprometer-se dbbf5

  Otimização
  Improved the view and capabilities of the manual vulnerability import feature available to vulnerability moderators.

Versão 18.4.12 (19/09/2024)

• Comprometer-se 7d964

  Otimização
  Enhanced the wording for vulnerability coordination emails to reflect possibilities for quotes in CVE summaries better.

Versão 18.4.11 (17/09/2024)

• Comprometer-se 456c0

  Otimização
  Better evening out anomalies during CTI activity score detection to provide more accurate results.

Versão 18.4.10 (16/09/2024)

• Comprometer-se 5a06c

  Otimização
  Listings of vulnerability submits show the granted community points to honor better submission entries.

• Comprometer-se 854a0

  Otimização
  Vulnerability submit entries show assigned points for non-authenticated users as well.

Versão 18.4.9 (15/09/2024)

• Comprometer-se 1efee

  Otimização
  Re-caclulation of all points for vulnerability submits to penalize weak submission entries more (e.g. missing product details, very short descriptions).

Versão 18.4.8 (14/09/2024)

• Comprometer-se 052f0

  Otimização
  Listing members of the vulnerability moderation team in the vulnerability moderation view.

• Comprometer-se 89d2b

  Otimização
  Improved action forms in the vulnerability moderation view.

Versão 18.4.7 (13/09/2024)

• Comprometer-se df251

  Otimização
  Automated expiration of moderation rights for admin users.

Versão 18.4.6 (12/09/2024)

• Comprometer-se af51e

  Otimização
  Listing members of the actor moderation team in the actor import view.

Versão 18.4.5 (09/09/2024)

• Comprometer-se cf860

  Otimização
  Better performance to import new Indicators of Compromise (IOC) for malicious actors.

Versão 18.4.4 (04/09/2024)

• Comprometer-se 6c28e

  Otimização
  History views of vulnerability entries show the username instead of the user in the chart legend.

• Comprometer-se 6c28e

  Otimização
  History views of vulnerability entries show shortened field names in the chart legend.

• Comprometer-se 6c28e

  Otimização
  History views of vulnerability entries list commits and approvals with 0 confidence as well in the charts.

Versão 18.4.3 (03/09/2024)

• Comprometer-se 400a0

  Correção de erros
  Fixed an issue where vulnerability entries sometimes mention a fix timeline even though there is no fix available.

Versão 18.4.2 (31/08/2024)

• Comprometer-se 2a249

  Otimização
  Improved display of long submit titles on small displays like smart phones.

Versão 18.4.1 (28/08/2024)

• Comprometer-se ca544

  Otimização
  Optimized database connection handling to improve performance and decrease ressource occupancy on the servers.

Versão 18.4.0 (27/08/2024)

• Comprometer-se 7a8cb

  Funcionalidade
  Linking to the RSS feed of the changelog in the HTML header for easier accessibility.

Versão 18.3.2 (26/08/2024)

• Comprometer-se 59faf

  Otimização
  Improved the handling of vulnerability titles if many names are listed as affected vendor.

Versão 18.3.1 (25/08/2024)

• Comprometer-se 1909d

  Otimização
  The assignment of points for submits is more strict but takes details into consideration (e.g. technical details in descriptions).

Versão 18.3.0 (24/08/2024)

• Comprometer-se 0d864

  Funcionalidade
  Public user profiles show details about their community engagement with posts and comments.

• Comprometer-se 3e979

  Otimização
  The view for personal posts history is improved and contains additional details.

Versão 18.2.0 (23/08/2024)

• Comprometer-se 6c1a6

  Funcionalidade
  Public user profiles show details about their community engagement like recent submits and commits.

Versão 18.1.7 (22/08/2024)

• Comprometer-se 2e090

  Otimização
  The view for personal search history is improved and contains additional details.

• Comprometer-se 44262

  Correção de erros
  Fixed an issue were large vulnerability lists were sometimes not showing special characters properly due to an encoding problem.

Versão 18.1.6 (21/08/2024)

• Comprometer-se 49395

  Otimização
  Vulnerability titles with unusual vulnerability classes explain those whenever possible and do not just show "unknown vulnerability" anymore.

• Comprometer-se 8db81

  Otimização
  The view for personal submits is improved and contains additional stats and more details.

• Comprometer-se d167f

  Correção de erros
  Fixed a very rare issue where internal moderators were not able to debug search queries properly.

Versão 18.1.5 (20/08/2024)

• Comprometer-se 971a6

  Correção de erros
  Under certain circumstances the CPE string for products with dedicated patch levels was not shown correctly.

Versão 18.1.4 (17/08/2024)

• Comprometer-se 39bc4

  Otimização
  Editing a vulnerability entry will warn if a deprecated CWE value is selected.

Versão 18.1.3 (11/08/2024)

• Comprometer-se 15e3f

  Otimização
  Views with user avatars are loaded much faster thanks to multiple query optimization techniques.

• Comprometer-se e1f4f

  Otimização
  Color of duplicate submissions set to a darker orange tone to highlight that they are not very useful.

Versão 18.1.2 (10/08/2024)

• Comprometer-se 80e03

  Correção de erros
  Fixed an issue where the recent chart on the front page was not updated properly when the service was under heavy load.

Versão 18.1.1 (09/08/2024)

• Comprometer-se b7371

  Otimização
  Optimized the exploit 0day price calculation which was sometimes too low.

• Comprometer-se 1ad05

  Otimização
  Submit overviews will show users even on smaller screens.

• Comprometer-se f6871

  Otimização
  The personal avatar is shown in the side menu as well (instead of the old user icon).

Versão 18.1.0 (08/08/2024)

• Comprometer-se 91a5f

  Funcionalidade

  Pedido do cliente
  Community users are able to create their individual avatars in their profile settings.

• Comprometer-se 91a5f

  Funcionalidade
  Community user avatars are shown in lists, submits, commits, and posts.

Versão 18.0.0 (07/08/2024)

• Comprometer-se 6b586

  Funcionalidade

  Pedido do cliente
  All community user submits are now public and accessible to provide full transparency.

• Comprometer-se b9313

  Funcionalidade
  A new live view shows the most recent community user submits.

Versão 17.29.0 (06/08/2024)

• Comprometer-se 4f9b9

  Funcionalidade
  It is easier possible to change the password of existing accounts without using the password reset process.

• Comprometer-se 091b3

  Funcionalidade
  All password changes are reported to the associated mail address.

Versão 17.28.10 (02/08/2024)

• Comprometer-se 49614

  Otimização

  Pedido do cliente
  Optimized queries and performance for personal My-Views (Recent, Updates, and Alerts).

Versão 17.28.9 (01/08/2024)

• Comprometer-se a64d7

  Otimização
  Short vulnerability titles do also show affected file names even if large quantities of GET parameters are necessary.

Versão 17.28.8 (28/07/2024)

• Comprometer-se 697de

  Otimização
  Editing vulnerability entries loads forms and dependencies much faster.

Versão 17.28.7 (27/07/2024)

• Comprometer-se a07e4

  Otimização
  The overview ob submits hides blurried items on small screens to provide better accessibility.

Versão 17.28.6 (24/07/2024)

• Comprometer-se 8bc47

  Otimização
  CTI views of vulnerabilities are able to link the correct actor or campaign based on associated vulnerability names.

Versão 17.28.5 (23/07/2024)

• Comprometer-se a3456

  Otimização
  Vulnerability history views do not have links to new data anymore if the data value is empty (e.g. an existing data point was deleted).

Versão 17.28.4 (20/07/2024)

• Comprometer-se a7ec5

  Otimização
  Statistical overviews of vulnerability submits done by users is introducing color codes to make them more readable.

Versão 17.28.3 (18/07/2024)

• Comprometer-se 0aeaa

  Otimização
  Indicators for CERT vulnerabilities are more prominent and link directly to the according advisory.

• Comprometer-se e4a9d

  Otimização
  Diff views for vulnerabilities now indicate the creation of an entry and the dedicated updatesets.

• Comprometer-se 04f0f

  Correção de erros

  Mudança na API
  Fixed an issue where under certain circumstances paying customers with additional free API credits were shown negative values for available API credits in their user profile.

Versão 17.28.2 (17/07/2024)

• Comprometer-se df755

  Otimização
  Improved CVE range search to prevent long queries.

• Comprometer-se f3eb9

  Otimização
  Reordered sources in vulnerability entries to better reflect availability and popularity.

Versão 17.28.1 (16/07/2024)

• Comprometer-se 0b780

  Otimização
  Vulnerability history views highlight rollbacks and reverts to distinguish them from regular rejects.

Versão 17.28.0 (04/07/2024)

• Comprometer-se 45cc8

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 2.42/3.68 introduced the fields source_cnnvd_id, source_cnnvd_name, source_cnnvd_hazardlevel, source_cnnvd_create, source_cnnvd_publish, and source_cnnvd_update.

Versão 17.27.0 (03/07/2024)

• Comprometer-se e5f8e

  Funcionalidade
  Certain views like Live Recent show a column with the responsible CNA.

Versão 17.26.1 (30/06/2024)

• Comprometer-se 6f955

  Otimização
  Source monitoring parsing optimized for new CVSSv4 vectors provided by external parties (e.g. CVE, CISA).

Versão 17.26.0 (29/06/2024)

• Comprometer-se 5ccf0

  Funcionalidade
  Vulnerability views for history and diff show the count of established commits.

Versão 17.25.4 (25/06/2024)

• Comprometer-se 45ee7

  Otimização
  Vulnerability diff views are able to show 4 instead of just 3 generations of updated collections.

• Comprometer-se 45ee7

  Otimização
  Vulnerability history views provide optimized field names for better layouting and clarity.

Versão 17.25.3 (22/06/2024)

• Comprometer-se 92046

  Otimização
  Performance optimization of the vulnerability database tables to make them smaller and faster to work with.

Versão 17.25.2 (19/06/2024)

• Comprometer-se b1b1a

  Otimização
  Improved the structure of notification emails if a login of a new device was detected.

Versão 17.25.1 (18/06/2024)

• Comprometer-se d774a

  Correção de erros

  Mudança na API
  In API 3.67 fixed a bug which affected IP address based CTI queries with partially missing indicators.

Versão 17.25.0 (16/06/2024)

• Comprometer-se 9b733

  Funcionalidade

  Mudança na API
  In API 2.41/3.66 introduced the fields source_0daytoday_id, source_0daytoday_date, and source_0daytoday_title.

Versão 17.24.0 (14/06/2024)

• Comprometer-se 26795

  Funcionalidade

  Mudança na API
  In API 2.40/3.65 introduced the fields source_milw0rm_id and source_milw0rm_unavailable for historical purposes.

Versão 17.23.0 (11/06/2024)

• Comprometer-se 672d2

  Funcionalidade
  The reliability level of IOCs degrades over time and is better shown with the confidence indicator.

Versão 17.22.0 (09/06/2024)

• Comprometer-se f4433

  Funcionalidade
  Vulnerability lists and vulnerability entries mentioning zero-day.cz do properly link to the source entry.

Versão 17.21.0 (08/06/2024)

• Comprometer-se 2ecd8

  Funcionalidade
  Vulnerability list overviews with EPSS scores show a tooltip with the associated EPSS percentile value.

• Comprometer-se 2ecd8

  Funcionalidade
  Vulnerability list overviews with revoked CVE identifiers show a tooltip with the reasoning.

Versão 17.20.1 (06/06/2024)

• Comprometer-se 63c1c

  Otimização

  Mudança na API
  The detail view for personal API access history items is optimized to provide a better overview.

Versão 17.20.0 (03/06/2024)

• Comprometer-se 0e4d1

  Funcionalidade

  Mudança na API
  In API 2.39/3.64 introduced the fields source_zerodaycz_id and source_zerodaycz_title.

Versão 17.19.3 (01/06/2024)

• Comprometer-se 99084

  Otimização
  Performance optimization of database queries for vulnerability entries.

Versão 17.19.2 (28/05/2024)

• Comprometer-se a51a7

  Otimização
  Optimized the language menu view to make it better readable.

Versão 17.19.1 (27/05/2024)

• Comprometer-se cdf1b

  Otimização
  Commit histories of vulnerability entries flag not accepted commits and reverted commits differently.

Versão 17.19.0 (26/05/2024)

• Comprometer-se ddbe8

  Funcionalidade
  The most important articles in the Knowledge Base are tagged to make access for new users easier.

Versão 17.18.2 (18/05/2024)

• Comprometer-se ff750

  Otimização
  Behavior of vulnerability submits is shown in all user profiles of community member that have made at least one vulnerability submission.

Versão 17.18.1 (15/05/2024)

• Comprometer-se 8644a

  Otimização
  Layout optimization of the relate table view for vulnerability entries.

Versão 17.18.0 (14/05/2024)

• Comprometer-se 5c336

  Funcionalidade
  Introduction of the relate view for vulnerability entries which shows associated vulnerabilities based on affected elements.

Versão 17.17.4 (13/05/2024)

• Comprometer-se debd2

  Otimização
  Vulnerability entries show other associated and similar entries much better.

Versão 17.17.3 (12/05/2024)

• Comprometer-se 6e778

  Otimização
  Updating all references to align with the new structure of the upcoming CNA Rules 4.0.

Versão 17.17.2 (10/05/2024)

• Comprometer-se 66367

  Otimização
  Completing version data for known products based on historical data is improved regarding quality and performance.

Versão 17.17.1 (08/05/2024)

• Comprometer-se 8d986

  Otimização
  Performance improvement of historical version analysis provides a better user experience when accessing vulnerability enrtries.

Versão 17.17.0 (07/05/2024)

• Comprometer-se c8039

  Funcionalidade
  Vulnerability entries contain the cache identifier to better associate activities to user groups.

Versão 17.16.2 (05/05/2024)

• Comprometer-se f65a0

  Otimização
  Vulnerability submission entries link better to the associated vulnerability entry.

• Comprometer-se f65a0

  Otimização
  Vulnerability submissions link to the current process step as explained in the Knowledge Base.

Versão 17.16.1 (29/04/2024)

• Comprometer-se 6c2e6

  Otimização

  Pedido do cliente
  The CPE list is automcompleted based on historical data if a countermeasure version is known but affected versions are unknown.

Versão 17.16.0 (27/04/2024)

• Comprometer-se 79b0d

  Funcionalidade
  Approved vulnerability submits are also published within a new RSS feed to make analysis of new vulnerability entries much easier.

Versão 17.15.1 (25/04/2024)

• Comprometer-se 05482

  Correção de erros
  Fixed an issue where under some rare circumstances some vulnerability entries did not show the CPE strings.

Versão 17.15.0 (24/04/2024)

• Comprometer-se 08a14

  Funcionalidade
  Vulnerability entries list associated CAPEC identifierts.

Versão 17.14.0 (23/04/2024)

• Comprometer-se 07133

  Funcionalidade

  Mudança na API
  In API 3.63 CTI responses may contain the field capec which lists all associated CAPEC items.

Versão 17.13.0 (22/04/2024)

• Comprometer-se b56ac

  Funcionalidade
  CTI views containing TTP (Tactics, Techniques, Procedures) information do also list associated CAPEC (Common Attack Pattern Enumeration and Classification) data.

Versão 17.12.0 (19/04/2024)

• Comprometer-se 94d29

  Funcionalidade

  Pedido do cliente
  All fields about the CISA Known Exploited Vulnerabilities Catalog (KEV) were upgraded from virtual fields to monoblock fields. As of today changes will be reflected in updates as well.

Versão 17.11.1 (17/04/2024)

• Comprometer-se b9de6

  Otimização
  Within vulnerability detail views the link for CPE strings is optimized to provide better search results on NVD.

Versão 17.11.0 (14/04/2024)

• Comprometer-se 37e20

  Funcionalidade
  Some CTI list views show the EPSS percentile value to better assess exploiting risks for vulnerabilities.

• Comprometer-se 079a3

  Otimização
  All list views containing date or time values support tooltips which show how long ago an event happened.

Versão 17.10.0 (13/04/2024)

• Comprometer-se 13074

  Funcionalidade
  All vulnerability list views associated with our work as a CVE Numbering Authority show the associated user submission to improve and simplify research capabilities.

• Comprometer-se 12479

  Otimização
  In some vulnerability list views the columns EPSS and CTI were swapped to show CTI values as last data point.

Versão 17.9.1 (12/04/2024)

• Comprometer-se 52022

  Correção de erros

  Pedido do cliente
  Fixed a rare issue where lists of versions were not created properly.

Versão 17.9.0 (09/04/2024)

• Comprometer-se e278e

  Funcionalidade
  If a user made some vulnerability submissions these are shon in the personal user profile.

Versão 17.8.1 (08/04/2024)

• Comprometer-se 2dcc5

  Otimização
  Improved the vulnerability submission quality analaysis system to provide fair blacklisting due to weak submissions.

Versão 17.8.0 (03/04/2024)

• Comprometer-se efec4

  Funcionalidade

  Mudança na API
  In API 3.62 introduced additional detail fields for CISA Known Exploited Vulnerabilities Catalog data with the structure exploit_kev_*.

Versão 17.7.1 (02/04/2024)

• Comprometer-se e3042

  Otimização

  Pedido do cliente
  Availability of CPE for vulnerabilities is drastically improved as they are compiled based on historical data and different sources as well.

Versão 17.7.0 (01/04/2024)

• Comprometer-se f0176

  Funcionalidade

  Pedido do cliente
  Vulnerability entries contain updated information by the CISA Known Exploited Vulnerabilities Catalog (KEV).

• Comprometer-se a46bb

  Correção de erros

  Mudança na API
  In API 1.18/2.38/3.61 fixed an issue where under certain circumstances the field software_version did not contain the available items.

Versão 17.6.4 (31/03/2024)

• Comprometer-se 6c8e5

  Otimização
  Performance improvement of updates of the internal EPSS data storage.

Versão 17.6.3 (30/03/2024)

• Comprometer-se ae76c

  Otimização
  Improvement of automated blocking of malicious users.

Versão 17.6.2 (29/03/2024)

• Comprometer-se c8646

  Otimização
  Improved performance of generation and display of commit detail views.

Versão 17.6.1 (28/03/2024)

• Comprometer-se 223de

  Otimização
  Disabled delayed caching for certain views to provide better data in real-time.

Versão 17.6.0 (26/03/2024)

• Comprometer-se 1003a

  Funcionalidade

  Pedido do cliente
  It is possible to see all successfully processed vulnerability submissions. This raw data helps to get a better understanding of the structure of a security issue.

• Comprometer-se b415c

  Funcionalidade
  Vulnerability entries that are based on a submission by a VulDB community user list the associated submissions.

Versão 17.5.1 (25/03/2024)

• Comprometer-se 669e0

  Otimização

  Mudança na API
  Improved CTI actors associated with a vulnerability entry is delivered via Vulnerability API which provides increased data quality.

Versão 17.5.0 (23/03/2024)

• Comprometer-se 55fec

  Funcionalidade
  Page titles contain an info button which links to the knowledge base article which is associated with a page view.

Versão 17.4.0 (21/03/2024)

• Comprometer-se 9dc56

  Funcionalidade

  Mudança na API
  API 3.60 introduced additional detail fields for CVSS data: _basevector and _tempvector for all, _baseseverity and _tempseverity for CVSSv2 and CVSSv3, _bseverity and _btseverity for CVSSv4.

Versão 17.3.1 (20/03/2024)

• Comprometer-se 0cf6e

  Correção de erros
  Under certain circumstances yearly statistics for CVSSv4 entries were not updating properly.

Versão 17.3.0 (19/03/2024)

• Comprometer-se c8e35

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.59 added support for CVSSv4 with the fields family vulnerability_cvss4_vuldb_*.

Versão 17.2.0 (18/03/2024)

• Comprometer-se b7147

  Funcionalidade
  CVSSv4 scores in vulnerability entries are clickable to learn more about the generation of such scores.

• Comprometer-se b7147

  Funcionalidade
  CVSSv4 scores do also show the reliability level of the scoring assignment like we already do for CVSSv3 scores.

Versão 17.1.0 (17/03/2024)

• Comprometer-se 026ac

  Funcionalidade

  Pedido do cliente
  Dedicated view for CVSSv4 scores is available. All entries in our database do support CVSS-B and CVSS-BT scores.

Versão 17.0.0 (16/03/2024)

• Comprometer-se 357ce

  Funcionalidade

  Pedido do cliente
  Vulnerability entries display CVSSv4 scores (CVSS-B as Base and CVSS-BT as Temp). The main CVSS scores remain based on CVSSv3 until CVSSv4 is well-accepted in the industry.

Versão 16.30.6 (23/02/2024)

• Comprometer-se 49ba9

  Otimização
  CTI data shown for vulnerability entries provides better identification of predictive and verified indicators.

Versão 16.30.5 (19/02/2024)

• Comprometer-se c912d

  Otimização

  Mudança na API

  Pedido do cliente
  Strong performance improvement of CTI data requests within the Vulnerability API and the CTI API in general.

Versão 16.30.4 (18/02/2024)

• Comprometer-se f694c

  Otimização
  Vulnerability entries that show CTI data will list countries with their proper name.

• Comprometer-se 20626

  Otimização
  Performance improvement if CTI data is shown in vulnerability entries.

Versão 16.30.3 (17/02/2024)

• Comprometer-se d0970

  Otimização
  Comments of vulnerability entries awaiting moderation or being rejected show more details for the posting user.

Versão 16.30.2 (16/02/2024)

• Comprometer-se e616d

  Otimização
  Community points for posts are added during the approval process.

Versão 16.30.1 (13/02/2024)

• Comprometer-se 686da

  Otimização
  CVE fields during the editing of a vulnerability are protected if VulDB is the official CNA for that assignment.

Versão 16.30.0 (07/02/2024)

• Comprometer-se 9f123

  Funcionalidade
  A list of the top active community members is available. Users that enabled their privacy settings are shown as anonymous members.

• Comprometer-se 482f4

  Funcionalidade
  A longer list of the most recent users is available. Users that enabled their privacy settings are shown as anonymous members.

Versão 16.29.4 (06/02/2024)

• Comprometer-se 14d6e

  Otimização
  Slight changes of community user level calculations.

• Comprometer-se f7cca

  Otimização
  Introduction of two new community user levels Senior Expert and Superguru.

• Comprometer-se d63d6

  Otimização
  During the setup procedure new users are asked to set their new username and password to prevent any confusion.

• Comprometer-se 2242f

  Correção de erros
  The button to submit new vulnerabilities was not shown for unauthenticated users.

Versão 16.29.3 (05/02/2024)

• Comprometer-se 778ff

  Otimização

  Pedido do cliente
  The calculation of user community points is much faster to provide better updates of values.

Versão 16.29.2 (03/02/2024)

• Comprometer-se 90afb

  Otimização

  Pedido do cliente
  If a vulnerability submission gets accepted, the submitter will receive an email which does now contain the request to keep and maintain the attached sources to help others verify and investigate the issue.

Versão 16.29.1 (27/01/2024)

• Comprometer-se daaee

  Otimização
  A new vulnerability submit which gets merged into an existing entry as a duplicate will not give community points to the submitter.

Versão 16.29.0 (26/01/2024)

• Comprometer-se 7ddcf

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.58 the CTI responses for actors and IP addresses contain the object cve which lists all associated CVE identifiers.

Versão 16.28.4 (25/01/2024)

• Comprometer-se 90a4f

  Otimização
  Changed the live view for recent updates to address specific needs to review changes better.

Versão 16.28.3 (24/01/2024)

• Comprometer-se dbc60

  Otimização
  Vulnerability entries show researchers as human-readable listings delimited by commas.

Versão 16.28.2 (19/01/2024)

• Comprometer-se 87dca

  Otimização
  CTI views with actor names are now considering special characters properly to support multi-language representation of source data.

Versão 16.28.1 (18/01/2024)

• Comprometer-se afc60

  Otimização
  Improved handling of an increased amount of service requests to provide a better user experience.

Versão 16.28.0 (17/01/2024)

• Comprometer-se a7d0e

  Funcionalidade

  Pedido do cliente
  The CTI export endpoint for IP addresses lists most recent entries for the last 24 hours by default. By adding a date in the form of YYYYmmdd it is possible to request items for a specific day.

• Comprometer-se 7f645

  Otimização
  Better identification of vulnerabilities with duplicate CVE assignments.

Versão 16.27.2 (16/01/2024)

• Comprometer-se d65c0

  Otimização

  Pedido do cliente
  Improved version handling of vulnerable products that use release candidates (e.g. Linux Kernel).

Versão 16.27.1 (15/01/2024)

• Comprometer-se af91b

  Otimização

  Pedido do cliente
  Improved version handling of vulnerable products that use characters as their minor version identifiers (e.g. OpenSSL).

Versão 16.27.0 (12/01/2024)

• Comprometer-se 124a4

  Funcionalidade
  CVEs that we reserve and publish as a CNA distinguish between identifier (finder), submitter (reporter), and commiter (analyst).

Versão 16.26.0 (26/12/2023)

• Comprometer-se c138a

  Funcionalidade
  Vulnerability commits that were rejected or reverted show an indicator within the commit history for better identification.

Versão 16.25.1 (08/12/2023)

• Comprometer-se a86ac

  Otimização
  Performance improvement of internal HTTP processing to handle requests more efficient and to deliver results faster.

Versão 16.25.0 (18/11/2023)

• Comprometer-se 346c5

  Funcionalidade
  Vulnerability entries link to the software licenses of the affected products.

Versão 16.24.7 (17/11/2023)

• Comprometer-se 1c1fa

  Otimização
  Identification of software licenses of affected products is much faster.

Versão 16.24.6 (09/11/2023)

• Comprometer-se fdcd0

  Otimização
  The user menu shows more items to provide better accessibility.

Versão 16.24.5 (06/11/2023)

• Comprometer-se 47d40

  Otimização
  Upgrade of the database engine to provide better performance and ressource management.

Versão 16.24.4 (30/10/2023)

• Comprometer-se 9d609

  Correção de erros
  Fixed an issue where certain CTI queries for hostnames were not executed in time.

Versão 16.24.3 (27/10/2023)

• Comprometer-se a64b7

  Otimização
  Better performance for CTI administrators using the backend to moderate indicators of compromise.

Versão 16.24.2 (26/10/2023)

• Comprometer-se 5be54

  Otimização
  Better and more efficient matching of version numbers in basic search requests.

Versão 16.24.1 (21/10/2023)

• Comprometer-se d0fa5

  Otimização
  The CTI actor views prefer more recent indicator of compromise to be shown if there is a limit enforced.

Versão 16.24.0 (14/10/2023)

• Comprometer-se 1c51a

  Funcionalidade

  Pedido do cliente
  Users with old passwords are warned that their passwords are going to expire. They are encouraged to define a new password.

• Comprometer-se d843d

  Funcionalidade
  Old passwords expire and require a password reset via email to enforce a high level of security.

Versão 16.23.2 (12/10/2023)

• Comprometer-se c03c5

  Otimização
  Better handling of special characters in vulnerability titles to provide improved readability.

Versão 16.23.1 (11/10/2023)

• Comprometer-se 3257f

  Otimização
  Improved layout of recent CTI views for new IP addresses and actors.

Versão 16.23.0 (04/10/2023)

• Comprometer-se c7f4e

  Funcionalidade
  Vulnerability entries show a dedicated list of affected version numbers as well.

Versão 16.22.10 (23/09/2023)

• Comprometer-se e7d66

  Otimização
  Better and faster processing of mail alerts to keep users up-to-date about their affected products.

Versão 16.22.9 (20/09/2023)

• Comprometer-se 2b9d4

  Otimização
  Improvement of flooding and denial of service protection to guarantee an even more reliable service.

Versão 16.22.8 (17/09/2023)

• Comprometer-se a91bf

  Otimização
  The fields software_website_vendor and software_website_product are now auto-completed much better to provide improved data quality for less popular entries.

Versão 16.22.7 (15/09/2023)

• Comprometer-se eb2df

  Correção de erros

  Pedido do cliente
  Fixed an issue where duplicates in CPE lists were creating odd JSON responses.

Versão 16.22.6 (31/08/2023)

• Comprometer-se 311c6

  Correção de erros

  Pedido do cliente
  Fixed an issue where exported CPE lists (JSON) were shown as objects instead of arrays. Reported by Dave Thornley.

Versão 16.22.5 (29/08/2023)

• Comprometer-se 914ca

  Otimização
  Improved handling of malicious requests to guarantee availability and responsiveness for our customers.

Versão 16.22.4 (09/08/2023)

• Comprometer-se 1e7dc

  Correção de erros
  Sums and average data of yearly views were not calculated correctly if there was a month with zero data.

Versão 16.22.3 (03/08/2023)

• Comprometer-se b7490

  Otimização
  Vulnerability data storage of source_nessus_type is much more efficient which increases performance as well.

Versão 16.22.2 (02/08/2023)

• Comprometer-se 65890

  Otimização
  Better handling of obsolete links to discontinued vulnerability sources.

Versão 16.22.1 (01/08/2023)

• Comprometer-se 4423b

  Otimização
  Vulnerability data storage of source_vulnerabilitycenter_severity is much more efficient which increases performance as well.

Versão 16.22.0 (31/07/2023)

• Comprometer-se 09088

  Funcionalidade

  Pedido do cliente
  Changes to the personal filter are now considered critical and as such they will inform the user about the edit via email.

Versão 16.21.7 (30/07/2023)

• Comprometer-se d6b1e

  Otimização
  Vulnerability data storage of source_nessus_risk and source_secunia_risk is much more efficient which increases performance as well.

Versão 16.21.6 (29/07/2023)

• Comprometer-se 3a72b

  Correção de erros
  A display bug showed merged vulnerability submissions as rejected instead of merged into the existing entry. Thanks to Calvin Star for making us aware of this issue.

Versão 16.21.5 (26/07/2023)

• Comprometer-se b552b

  Correção de erros
  In CTI views the list of references was not revealed entirely even if the user had a proper license.

Versão 16.21.4 (24/07/2023)

• Comprometer-se 520d2

  Otimização
  Better listing of sources associated with CTI actor activity analysis.

Versão 16.21.3 (19/07/2023)

• Comprometer-se 707b0

  Otimização
  Better IP address association for verified IOC (Indicators of Compromise). This increases the accuracy of CTI analysis of vulnerability entries.

Versão 16.21.2 (17/07/2023)

• Comprometer-se 71759

  Otimização
  The submission form for new vulnerabilities allows URLs for exploits as well.

Versão 16.21.1 (16/07/2023)

• Comprometer-se ab061

  Otimização
  Vulnerability exports do contain duplicate CVEs that got assigned.

Versão 16.21.0 (05/07/2023)

• Comprometer-se 0c32c

  Funcionalidade
  Sometimes CNAs assign duplicate CVEs for the same vulnerability. We do now show such duplicates to help to better understand connections between CVE entries.

Versão 16.20.3 (27/06/2023)

• Comprometer-se 6ee4c

  Otimização
  Better identification of vulnerability entries which affect products that are end-of-life. Version-specific association is now possible.

Versão 16.20.2 (26/06/2023)

• Comprometer-se bb031

  Otimização
  Improvement of CTI analysis for vulnerabilities that spike within short timeframes (hours and days). The data is loaded, analyzed, and presented much faster.

Versão 16.21.2 (17/07/2023)

• Comprometer-se 39c9a

  Otimização
  Optimization of monoblock capabilities to handle vulnerability data.

Versão 16.20.0 (13/06/2023)

• Comprometer-se e7287

  Funcionalidade
  There is also a list of most recent IP addresses added as IOCs available for paying users.

Versão 16.19.0 (10/06/2023)

• Comprometer-se e6e0d

  Funcionalidade
  A list of the most recent actor IOCs is available for paying users.

Versão 16.18.1 (03/06/2023)

• Comprometer-se e3b45

  Otimização
  Detection of commit collisions during editing of vulnerability data. Entries will be locked until an edit has been finalized.

Versão 16.18.0 (26/05/2023)

• Comprometer-se b9b95

  Funcionalidade
  Actor analysis adds links to malware samples to support in-depth analysis.

Versão 16.17.2 (23/05/2023)

• Comprometer-se b7248

  Otimização
  Improved use of vulnerability names for better data matching on the web service.

Versão 16.17.1 (17/05/2023)

• Comprometer-se 6f54e

  Otimização
  Upgraded database servers to improve performance during peak times.

Versão 16.17.0 (13/05/2023)

• Comprometer-se b7e2d

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 2.37/3.57 introduction of the field source_cve_duplicate to indicate whether a duplicate CVE has been assigned to an entry.

Versão 16.16.4 (11/05/2023)

• Comprometer-se 0fa94

  Correção de erros
  Fixed a minor view issue with Indicator of Compromise (IOC) tables that list IP ranges.

Versão 16.16.3 (10/05/2023)

• Comprometer-se 8f483

  Correção de erros
  Fixed an issue where sync of researcher data with the CVE stream did not happen properly under certain circumstances.

Versão 16.16.2 (05/05/2023)

• Comprometer-se ba5c5

  Otimização
  Improvement of timeseries handling which contain CTI activity scores and exploit today prices.

Versão 16.16.1 (03/05/2023)

• Comprometer-se bf769

  Otimização
  Improved intelligent matching of vendor and product definitions in all search queries, especially in multi-line fields.

Versão 16.16.0 (29/04/2023)

• Comprometer-se eaaf4

  Funcionalidade
  Due to our intensive involvement as a CNA (CVE Numbering Authority) we have extended the main menu to access CVE details that are maintained by us very quickly.

Versão 16.15.1 (22/04/2023)

• Comprometer-se e45ea

  Otimização
  The discussion possibility for vulnerabilities mentions that they are intended for public exchange and not fort support queries. Use the contact form instead to approach our support team.

Versão 16.15.0 (21/04/2023)

• Comprometer-se f33df

  Funcionalidade
  The CTI views for actors and IP addresses show the date of the first identification of Indicators of Compromise.

Versão 16.14.1 (18/04/2023)

• Comprometer-se f5a6c

  Otimização
  Improvement of the field advisory_type to indicate where a vulnerability disclosure is originating from.

• Comprometer-se 9cf62

  Correção de erros

  Mudança na API
  Fixed an issue where under certain circumstances the field advisory_type was not shown in an API response.

Versão 16.14.0 (17/04/2023)

• Comprometer-se a040a

  Funcionalidade
  Added the setting to enable count information for certain views in the site title. This helps to determine how many items are listed on a page.

• Comprometer-se 2ef13

  Correção de erros
  Fixed an issue in the overview of personal posts which did not show the name of a vulnerability entry properly.

Versão 16.13.2 (16/04/2023)

• Comprometer-se 9a6a2

  Otimização
  Changed the HTML title of vulnerability entries to use a colon instead of a pipe symbol as delimiter. Please update your parsers if you are relying on this data structure.

Versão 16.13.1 (15/04/2023)

• Comprometer-se 22190

  Otimização
  Performance optimization for all views that list our entries as a CVE Numbering Authority.

• Comprometer-se 853b1

  Otimização
  Access to all entries that are maintained by us as the responsible CVE Numbering Authority are accessible without any restrictions for all users.

Versão 16.13.0 (09/04/2023)

• Comprometer-se 792c6

  Funcionalidade
  Access to our activities as a CVE Numbering Authority possible by year. This has become mandatory due to the enormous amount of CVEs that we are handling.

• Comprometer-se a1d8b

  Otimização
  Recent CNA entries do now redirect to the current year.

Versão 16.12.1 (02/04/2023)

• Comprometer-se 2085f

  Otimização
  Improved the speed and accuracy of the display of recent vulnerabilities on the front page.

Versão 16.12.0 (01/04/2023)

• Comprometer-se 67624

  Funcionalidade

  Mudança na API
  In API 3.56 sources that are not available anymore are shown with the unavailable tag which contains the reason. This helps to determine defunct companies and dead links.

• Comprometer-se b5b18

  Funcionalidade
  Vulnerability entries indicate broken external links to help determine defunct companies and dead links.

Versão 16.11.1 (31/03/2023)

• Comprometer-se fd85c

  Correção de erros
  Fixed an issue where reverse lookups of CPE strings was not matching properly.

Versão 16.11.0 (23/03/2023)

• Comprometer-se 7a109

  Funcionalidade

  Mudança na API
  In API 2.36/3.55 introduction of the field source_cve_duplicateof to indicate CVE assignments which are potential duplicates of existing CVE assignments.

Versão 16.10.3 (17/03/2023)

• Comprometer-se 05831

  Otimização
  Optimized the speed to update community points earned by users for submissions of new vulnerability entries.

Versão 16.10.2 (16/03/2023)

• Comprometer-se 7b3a5

  Otimização
  Improved accuracy of indicators for vulnerability entries of managed serviced that cannot get a CVE according to current CAN rules.

Versão 16.10.1 (13/03/2023)

• Comprometer-se ab8a8

  Otimização

  Pedido do cliente
  Handling of CPE values of vulnerabilities was optimized to provide better accuracy of data.

Versão 16.10.0 (11/03/2023)

• Comprometer-se c639d

  Funcionalidade

  Pedido do cliente
  Comments of vulnerability entries will show official replies by our community team to help visitors to understand details and inner workings of our processes.

• Comprometer-se 13ff7

  Funcionalidade
  Hovering over the time indicator of comments will show the exact time of the submission.

Versão 16.9.3 (09/03/2023)

• Comprometer-se f3d56

  Otimização
  Performance improvement of EPSS (Exploit Prediction Scoring System) value handling.

Versão 16.9.2 (19/02/2023)

• Comprometer-se 72d23

  Otimização
  References lists use the general naming convention for VulDB entries as well.

Versão 16.9.1 (16/02/2023)

• Comprometer-se 636cc

  Otimização
  Much better performance of the service by optimizing the partitioning of data. Especially if there are many tasks handled at the same time.

Versão 16.9.0 (15/02/2023)

• Comprometer-se dc811

  Funcionalidade
  Switches VulDB CVSSv3 scores from 3.0 to 3.1 to adopt latest version of the industry standard.

Versão 16.8.0 (13/02/2023)

• Comprometer-se 8a926

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 3.54 the field software_managedservice is introduced to indicate products that are managed services and therefore not maintained by users.

Versão 16.7.0 (11/02/2023)

• Comprometer-se 0ceeb

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In API 1.17/2.35/3.53 the field software_rollingrelease is introduced to indicate whether the product is not using version numbering but establishing a rolling release instead.

• Comprometer-se 27319

  Funcionalidade

  Mudança na API
  The changelog does now flag changes to the API as such. This helps customers to identify changes that might require their attention regarding automated processing of data.

Versão 16.6.12 (03/02/2023)

• Comprometer-se 1c4ca

  Otimização

  Mudança na API

  Pedido do cliente
  Invalid URL requests to the API are not always redirected to prevent inefficient usage of the API.

Versão 16.6.11 (28/01/2023)

• Comprometer-se 9e571

  Correção de erros

  Mudança na API

  Pedido do cliente
  Fixed an issue in the API where request for entry_timstampe_change for older entries did not return the desired amount of items.

Versão 16.6.10 (23/01/2023)

• Comprometer-se 8a095

  Otimização
  Additional details available about default licenses by vendors.

Versão 16.6.9 (22/01/2023)

• Comprometer-se 05f5c

  Otimização
  Improvement of the Google Hacking view which provides a wide variety of Google Dorks.

• Comprometer-se 32026

  Otimização
  Faster and smarter processing of cache data which improves the overall performance of the service drastically.

Versão 16.6.8 (21/01/2023)

• Comprometer-se 830d3

  Otimização
  Invalid URL requests to the service are usually redirected, to point the user to the correct URL. This is now approached more consistantly.

Versão 16.6.7 (20/01/2023)

• Comprometer-se e6e23

  Otimização
  Performance optimization to increase responsibility for a wide variety of views.

Versão 16.6.6 (12/01/2023)

• Comprometer-se 6c542

  Otimização
  Improvement of search by purl statements. Better matching of products and versions possible.

Versão 16.6.5 (11/01/2023)

• Comprometer-se 7c9bd

  Otimização
  Better indicator for disputed vulnerability entries that are handled by our CNA team.

Versão 16.6.4 (10/01/2023)

• Comprometer-se c8bc3

  Correção de erros
  Fixed an issue where emails confirming the moderation of a vulnerability submission mention the wrong submission ID in the mail subject.

Versão 16.6.3 (09/01/2023)

• Comprometer-se 9b662

  Otimização
  Better handling of user sessions, especially if there is a lot of activities on the service.

Versão 16.6.2 (07/01/2023)

• Comprometer-se 5e9a7

  Otimização
  Introduction of a simple way for moderators to postpone processing of queued vulnerability items.

• Comprometer-se cfb9a

  Otimização
  Much better performance for moderators to import new vulnerabilities.

Versão 16.6.1 (04/01/2023)

• Comprometer-se cd64f

  Otimização
  Improvement of priority indicators for vulnerability queue handling by moderators.

Versão 16.6.0 (03/01/2023)

• Comprometer-se 02196

  Funcionalidade
  New queue handling of identifier vulnerabilities to improve quality and speed of processing by moderators.

Versão 16.5.4 (02/01/2023)

• Comprometer-se 9a5e1

  Otimização
  Extended display of multiline quotes of vulnerabilities for software, advisories, vulnerabilities, exploits, and countermeasures.

Versão 16.5.3 (21/12/2022)

• Comprometer-se 89dfe

  Correção de erros
  In very rare cases the derivative identification of vulnerability classes was not working.

Versão 16.5.2 (18/12/2022)

• Comprometer-se 6924d

  Otimização
  Better performance and higher accuracy for APT actor identification in certain CTI views.

Versão 16.5.1 (17/12/2022)

• Comprometer-se a0204

  Otimização
  All update views show duplicates and false-positives accordingly.

Versão 16.5.0 (16/12/2022)

• Comprometer-se 91e21

  Funcionalidade

  Mudança na API

  Pedido do cliente
  In the APIv3 the field entry_summary is now available in the languages Portuguese, Russian, Chinese, Japanese, and Arabic.

Versão 16.4.6 (12/12/2022)

• Comprometer-se 1b860

  Otimização
  More efficient and better redacting of problematic data in submits and commits.

Versão 16.4.5 (10/12/2022)

• Comprometer-se 47588

  Otimização

  Mudança na API
  More performance improvement of the API for timeranges like advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start, and entry_timestamp_all_start.

Versão 16.4.4 (08/12/2022)

• Comprometer-se fc381

  Otimização

  Mudança na API

  Pedido do cliente
  In API 3.52 performance optimization of certain queries requesting timeranges like advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start, and entry_timestamp_all_start.

Versão 16.4.3 (07/12/2022)

• Comprometer-se dba58

  Otimização
  Improved handling of duplicate vulnerability entries. These are processed much faster, flagged as duplicates or even hidden under certain circumstances.

Versão 16.4.2 (05/12/2022)

• Comprometer-se 67c94

  Otimização
  Performance optimization due to intelligent caching of cyber threat intelligence views like countries, sectors, and actors.

Versão 16.4.1 (04/12/2022)

• Comprometer-se 8dc47

  Otimização
  Access to cyber threat intelligence information which is not unlocked yet will show a proper amount of demo data to help to understand features, coverage, and possibilities.

Versão 16.4.0 (03/12/2022)

• Comprometer-se 12800

  Funcionalidade

  Pedido do cliente
  The Cyber Threat Intelligence platform does now provide a new view. The sector view helps to understand the emerging, current, and future threats for specific economic sectors.

Versão 16.3.4 (26/11/2022)

• Comprometer-se dae79

  Otimização
  Improved extended CPE dictionary generation. By dropping attributes that are not necessary the file generation becomes faster and the file becomes smaller.

Versão 16.3.3 (25/11/2022)

• Comprometer-se 726b4

  Otimização
  Hardware upgrade for better memory and processing handling.

Versão 16.3.2 (22/11/2022)

• Comprometer-se 21d9b

  Otimização
  Improved coverage and flagging of software products known to be end-of-life.

Versão 16.3.1 (21/11/2022)

• Comprometer-se 23f71

  Otimização
  Better handling of vulnerability entries flagges as false-positives or revoked data parts. Summaries reflect the status better and overviews tag them more prominent.

Versão 16.3.0 (18/11/2022)

• Comprometer-se 085b7

  Funcionalidade
  Additional links to the internal knowledge base and external sources available in vulnerability summaries and descriptions. This makes research a lot faster, easier, and more comfortable.