CVE Dashboard
Scan your dependency files or select your stack technologies to get a unified view of CVE exposure, health status, and EOL timelines — all in one dashboard.
Scan My Stack
Paste a dependency file to auto-detect your technologies and check for CVEs across your entire stack.
Detects runtimes, databases, frameworks & infrastructure from your dependencies
How It Works
Scan or Select
Paste a dependency file to auto-detect your stack, or manually pick technologies from the checklist.
View CVE Badges
Each technology shows live CVE, health, and EOL badges from the ReleaseRun badge service — updated automatically.
Share & Track
Copy your dashboard as Markdown for READMEs, wikis, or Slack. Bookmark the page to check back as badges update.
FAQ
Where does the CVE data come from?
CVE badges are served by the ReleaseRun badge service at img.releaserun.com, which aggregates data from public vulnerability databases. Badges update automatically as new CVEs are published.
Is my data sent anywhere?
No. Everything runs in your browser using JavaScript. Your selections and dependency files never leave your device. The only network requests are badge image fetches from our badge service.
What file types are supported for scanning?
The scanner supports package.json (Node.js), requirements.txt (Python), go.mod (Go), Gemfile (Ruby), Cargo.toml (Rust), and pom.xml (Java/Maven). It auto-detects the file type, or you can select it manually.
Can I embed these badges in my own projects?
Yes! Use the "Copy as Markdown" button to get badge URLs ready for READMEs, wikis, or documentation. You can also use our Badge Builder for more customization.
How often are badges updated?
Badges refresh automatically. Health and EOL badges update when new versions are released, and CVE badges update as new vulnerabilities are published and patched. No manual refresh needed.
Monitor CVEs across your stack
Track vulnerabilities, health status, and EOL dates for every technology you depend on — updated automatically.