RSS feeds

Pipe CVEDatabase updates into Feedly, Inoreader, Slack, Teams, or any RSS-aware tool. The URL is the subscription — no account required.

Canonical feeds

Recent CVEs/feed/cve/recent

The newest 50 CVEs published to the National Vulnerability Database.

Critical CVEs (last 30 days)/feed/cve/critical

New CVEs with CRITICAL severity from the last 30 days.

High-severity CVEs (last 30 days)/feed/cve/high

New CVEs with HIGH severity from the last 30 days.

CISA KEV additions/feed/cve/kev

CVEs recently added to the CISA Known Exploited Vulnerabilities catalog.

Blog feed/feed.xml

CVEDatabase blog posts and security guides.

Vendor feeds

Replace the vendor name with any vendor you track. Product feeds use /feed/vendor/<vendor>/<product>.

Microsoft/feed/vendor/microsoft

New CVEs affecting Microsoft products.

Apple/feed/vendor/apple

New CVEs affecting Apple products.

Cisco/feed/vendor/cisco

New CVEs affecting Cisco products.

Google/feed/vendor/google

New CVEs affecting Google products.

Saved search feeds

Compose a feed from any combination of keyword, vendor, product, and severity.

Example — Microsoft + CRITICAL/feed/search?vendor=microsoft&severity=CRITICAL

Critical CVEs affecting Microsoft.

All feeds support If-None-Match conditional GETs and return 304 when nothing has changed.