Live CVE Feed — Real-Time Vulnerability Intelligence

The Pinaka Live CVE Feed is a free, continuously updated CVE feed tracking actively exploited vulnerabilities from CISA's Known Exploited Vulnerabilities (KEV) catalog and NIST's National Vulnerability Database (NVD). Built for security teams, vulnerability management teams, and incident responders who need to know what's being exploited in the wild — right now.

Refresh interval: every 6 hours. Cost: free, no signup. Sources: CISA KEV + NVD.

What is a CVE feed?

A CVE feed is a continuously updated stream of Common Vulnerabilities and Exposures disclosures. Each CVE represents a publicly known software weakness — tracked by MITRE, scored by NIST's NVD, and flagged by CISA when active exploitation is observed. A good live CVE feed gives defenders three things: speed (new vulnerabilities within hours of disclosure), severity (CVSS scoring), and exploitation status (whether attackers are already weaponizing it).

How the Pinaka CVE feed works

The Pinaka CVE feed pulls from two authoritative sources:

  • CISA Known Exploited Vulnerabilities (KEV) catalog — the U.S. government's list of CVEs with confirmed active exploitation. Used by Federal agencies under Binding Operational Directive 22-01.
  • NVD (National Vulnerability Database) — NIST's comprehensive vulnerability database with CVSS scores, CPE identifiers, and vendor references.

The feed refreshes every 6 hours, so newly added KEV entries appear within one polling cycle of CISA's publication. CVSS v3 scores, severity ratings, and vendor products are surfaced in a single view — no signup required.

Who uses a live CVE feed?

  • Security Operations Centers (SOCs) — triage emerging threats against their asset inventory.
  • Vulnerability management teams — prioritize patch cycles based on active exploitation.
  • Vulnerability management teams — identify newly disclosed CVEs with public exploit code for n-day research.
  • Red teams — stay current on exploitation primitives during engagements.
  • Incident responders — correlate observed TTPs against known CVE exploitation chains.

CVE feed vs. CISA KEV vs. NVD

The three data sources serve different purposes:

  • NVD is the full database — every public CVE, scored and indexed. Comprehensive, but inclusion alone does not imply active exploitation.
  • CISA KEV is a curated subset — only CVEs confirmed to be exploited in the wild. A smaller list with much higher signal for defenders choosing what to patch first.
  • Pinaka's live CVE feed merges both and surfaces severity, exploitation status, and recency in a single view optimized for operators.

Frequently asked questions

Is the Pinaka CVE feed free?

Yes. The Live CVE Feed is free to use, no signup required.

How often does the CVE feed update?

Every 6 hours. New CISA KEV entries appear within one polling window of CISA's publication.

What's the difference between NVD and CISA KEV?

NVD is the full catalog of publicly disclosed CVEs. CISA KEV is a curated subset of CVEs with confirmed in-the-wild exploitation — a smaller, higher-signal list used to prioritize patching.

Can I get CVE feed alerts via Slack or Discord?

Yes. The full Pinaka platform supports Slack and Discord webhook alerts for new high-severity CVEs affecting tracked assets. Join the waitlist to enable alerting.

Does the feed include CVSS scores?

Yes. Each CVE entry shows its CVSS v3 base score and severity rating (Critical, High, Medium, Low).

This product uses the NVD API but is not endorsed or certified by the NVD. Data sourced from CISA's Known Exploited Vulnerabilities catalog and NIST's National Vulnerability Database.