Warning
The json data files in this repo are automatically generated every hour off of the data in https://github.com/anchore/cve-data-enrichment which in turn is generated from https://github.com/anchore/vulnerability-index-spec-files. Do not manually edit data here.
This repository contains enriched vulnerability data in NVD-compatible format. It provides additional information and corrections that supplement the official National Vulnerability Database (NVD).
The data here is automatically generated from the cve-data-enrichment repository using tools from the vulnerability-data-tools project. It focuses on providing:
- CPE configurations for vulnerabilities not yet analyzed by NVD
- Corrections to existing CPE configurations when needed
- Additional metadata that helps with accurate vulnerability matching
data/
2024/ # Organized by CVE year
CVE-*.json # One file per CVE
2025/
CVE-*.json
Each JSON file contains only the additional or corrected data needed to supplement the official NVD record.
This repository is automatically generated. To contribute:
- Visit the vulnerability-data-tools repository
- Follow the contribution guidelines there
- Submit your changes through that project
Direct pull requests to this repository will not be accepted since all data here is generated automatically.
The content in this repo is licensed CC0 as noted in the LICENSE file