Firstp1ck/cve-check

Global CVE News Hub

MVP web app for browsing, searching, and filtering global CVEs in the browser.

Features

  • NVD CVE 2.0 feed proxy with search, date range, severity, pagination-ready API
  • CISA Known Exploited Vulnerabilities overlay and KEV-only view
  • Canonical deduplication by CVE ID across sources, merging references, vendors, CWEs, and source labels
  • CVE confidence/status labels: published, NVD analyzed, awaiting analysis, vendor advisory, disputed, rejected, known exploited, ransomware use
  • Hide-rejected default filter plus explicit status filter
  • OSV package enrichment on selected CVEs
  • Dashboard stats for critical/high/known-exploited/rejected results
  • Detail pane with CVSS, status, sources, vendors/products, CWE weaknesses, remediation action, and references
  • Server-side caching to avoid hammering public feeds and to bypass browser CORS issues
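
The canonical deduplication by CVE ID and the hide-rejected default filter listed above, as an added example that is not code from this repository. The record shape, field names, and sample data are assumptions constructed for illustration.

```javascript
// Added example: record shape and field names are assumptions, not the project's schema.
const CVE_ID = /^CVE-\d{4}-\d{4,}$/;

// Merge per-source records into one canonical entry per CVE ID.
function mergeBySource(records) {
  const byId = new Map();
  for (const rec of records) {
    // Normalize case/whitespace so "cve-2099-0001 " and "CVE-2099-0001" collapse.
    const id = String(rec.id || "").trim().toUpperCase();
    if (!CVE_ID.test(id)) continue; // skip non-CVE or malformed IDs
    let entry = byId.get(id);
    if (!entry) {
      entry = { id, sources: new Set(), labels: new Set(),
                references: new Set(), vendors: new Set(), cwes: new Set() };
      byId.set(id, entry);
    }
    entry.sources.add(rec.source);
    for (const l of rec.labels || []) entry.labels.add(l);
    for (const u of rec.references || []) entry.references.add(u.trim());
    for (const v of rec.vendors || []) entry.vendors.add(v.trim().toLowerCase());
    for (const c of rec.cwes || []) entry.cwes.add(c.toUpperCase());
  }
  // Sets -> sorted arrays so the output is stable and JSON-serializable.
  const list = (s) => [...s].sort();
  return [...byId.values()].map((e) => ({
    id: e.id, sources: list(e.sources), labels: list(e.labels),
    references: list(e.references), vendors: list(e.vendors), cwes: list(e.cwes),
  }));
}

// Default view hides rejected CVEs unless the caller asks for them.
function visible(entries, { includeRejected = false } = {}) {
  return entries.filter((e) => includeRejected || !e.labels.includes("rejected"));
}

// Constructed sample records (not real feed data).
const sample = [
  { source: "NVD", id: "CVE-2099-0001", labels: ["NVD analyzed"],
    references: ["https://example.test/a"], vendors: ["ExampleCorp"], cwes: ["cwe-79"] },
  { source: "CISA KEV", id: "cve-2099-0001 ", labels: ["known exploited", "ransomware use"],
    references: ["https://example.test/a", "https://example.test/kev"], vendors: ["examplecorp"] },
  { source: "NVD", id: "CVE-2099-0002", labels: ["rejected"] },
  { source: "OSV", id: "GHSA-xxxx", labels: ["published"] }, // not a CVE ID, skipped
];
const merged = mergeBySource(sample);
console.log(JSON.stringify(visible(merged), null, 2));
```
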

Run

npm install
npm run dev

Open the Vite URL shown in the terminal. The API runs on http://localhost:3001.

Production

Legacy Node/Render-style deployment:

npm run build
npm start

Cloudflare deployment target:

npm run cf:build
npm run cf:migrate:remote
npm run cf:pages:deploy
npm run cf:ingest:deploy

Before running the Cloudflare commands, create a D1 database, replace REPLACE_WITH_D1_DATABASE_ID in wrangler.toml and wrangler.ingest.toml, set Worker secrets, and apply migrations. See TODO.md for the Cloudflare dashboard checklist.

Cloudflare architecture

  • React/Vite frontend is served by Cloudflare Pages from dist/.
  • Read APIs live in functions/api/* and use a D1 binding named CVE_DB.
  • Public Cloudflare APIs are read-only; browser-triggered sync/archive/reconcile routes are disabled.
  • Scheduled ingestion lives in workers/ingest.js and updates D1 outside user traffic.
  • Optional local SQLite data can be exported with npm run cf:export:sqlite -- data/cves.sqlite dist/d1-seed.sql and imported with Wrangler.

Notes / next MVP+ ideas

  • Add persistent database and scheduled ingestion instead of live proxy-only mode.
  • Add RSS/source ingestion for vendor advisories, CERTs, Exploit-DB, and security blogs.
  • Add auth + saved searches + email/webhook alerts.
  • Add EPSS and exploit PoC enrichment.
  • Add real pagination and CSV/JSON export.
