Deprecation notice

Note: This project will be discontinued after December 13th, 2021.


  • Bootstrapping problem - Vulncode-DB ’s usefulness depends on having unique content. We can automatically detect some vulnerability patches via CVE/NVD metadata. We can also highlight relevant sections and annotate them in a write-up fashion. We also allow users to modify or annotate content themselves. However, this by itself is insufficient to make anyone use the platform. You need much and high-quality data first to make this useful, which a prototype like ours can’t attain at this stage without extensive investment.
  • Lack of community support - While there was some positive feedback there have been only a few contributors. The platform and vision seem to be inadequate to get more practical support.
  • Insufficient resources - Developing the platform and for example a feature like a version control system for user moderated content similar to Wikipedia requires much engineering work for which we, as 20% contributors, are understaffed.
  • Added value unknown - Even if all of the above would be solved it’s still unclear whether the platform would provide sufficient value for individuals to justify a dedicated project. You can go to CVE details or Google for write-ups to learn more about a vulnerability. This is an established habit, hard to break and might already be good enough for individuals to learn more.

How and when?

Do you have feedback/ideas for how it should be continued?

Finally, thank you to all contributors and individuals who supported the project. We are very grateful for your support, time and feedback.


Ruslan and Timo