This project is dedicated to analyzing and visualizing Common Vulnerabilities and Exposures (CVE) data 🛡️. It focuses on identifying CVEs by their publication date, and whether they're missing Common Platform Enumerations (CPEs) or references.
- Data Extraction: Automatically downloads CVE data from the NVD feeds.
- Data Processing: Parses the JSON data to identify CVEs with/without CPEs and references.
- Visualization: Generates daily and weekly heatmap visualizations to provide insights at a glance.
- Reporting: Creates a detailed analysis report of CVE trends over time.
The generated heatmaps include:
- Total CVEs Per Day: Shows the total count of new CVEs reported each day.
- CVEs Without References: Indicates the number of CVEs lacking references on a daily basis.
- CVEs Without CPEs: Highlights the daily CVEs that are missing CPEs.
- Median and Mean EPSS scores: Monitor EPSS for changes overtime.
- EPSS for CISA KEV added after 2023: Keeping track of EPSS on CISA KEV
- CVSS for CISA KEV added after 2023: Keeping track of EPSS on CISA KEV
To generate the heatmaps:
python generate_cve_heatmap.py