CVE Monitor

CVE stands for Common Vulnerabilities and Exposures. It's a list of publicly known security vulnerabilities, maintained by MITRE.

When a new vulnerability is registered with CVE, it is announced on Twitter via @CVEnew. As of now this appears to be the only way to receive incremental CVE list updates, directly from the source.

Updates by email

CVE-monitor is a simple PHP script that checks @CVEnew feed and relays all new entries to the list of email recipients.

It is primarily meant for people who use email-centric workflow, relying on mailing lists for receiving updates on subjects of interest.

To self-host

CVE-monitor is open source, released under the 2-clause BSD license.

CVE-monitor on GitHub
It has minimal dependencies and it's fairly simple to set up.

Mailing list

We also host an instance of the script on this very server and you are welcome to join the recipient list.

• You will receive an email with a confirmation link that you will need to visit and then one email for each new Tweet from @cvenew.
• No other types of emails are sent.
• Every email includes an unsubscription link.
• The subscriber list is never shared with anyone.
• Emails are in text format. Here is an example of the content.
• The script checks for new tweets once an hour.

Contact

Send an email to support@iobureau.com or open an issue on GitHub.