CVEFinder

CVEFinder is a web-based cybersecurity intelligence and vulnerability scanning platform that helps developers, security professionals, and researchers identify technologies used by websites and discover known CVE vulnerabilities affecting them.

The platform combines automated website technology detection with a continuously updated CVE database, providing visibility into software risks, severity levels, and exploitability signals.

Key features include:

• Website technology detection using headers, HTML, JavaScript, and cookies
• CVE vulnerability correlation with detected technologies
• Searchable CVE database by CVE ID, product, vendor, and keyword
• Severity analysis with CVSS (v3.1 / v4.0) and EPSS scores
• Vendor and product intelligence with vulnerability statistics
• Public and private scan result pages with confidence-based detection
• Exploit availability insights sourced from public exploit repositories (Pro plan)
• Monitoring and email alerts for newly disclosed CVEs affecting tracked URLs (Pro plan)
• JSON exports and automated rescans for professional workflows (Pro plan)

CVEFinder is available in three plans:

• Guest – Limited public scans without an account
• Free – Increased scan limits, CVE database access, and private scans
• Pro – Advanced vulnerability monitoring, exploit intelligence, exports, and alerts

The platform is fully web-based, requires no installation, and uses passwordless OTP authentication. CVEFinder is designed for reconnaissance, vulnerability research, DevSecOps workflows, and ongoing security monitoring.