CVE Monitor

CVE stands for Common Vulnerabilities and Exposures. It's a list of publicly known security vulnerabilities, maintained by MITRE.

When a new vulnerability is registered with CVE, it is announced on Twitter via @CVEnew. As of now this appears to be the only way to receive incremental CVE list updates, directly from the source.

Updates by email

CVE-monitor is a simple PHP script that checks @CVEnew feed and relays all new entries to the list of email recipients.

It is primarily meant for people who use email-centric workflow, relying on mailing lists for receiving updates on subjects of interest.

To self-host

CVE-monitor is open source, released under the 2-clause BSD license.

CVE-monitor on GitHub

It has minimal dependencies and it's fairly simple to set up.

Mailing list

We also host an instance of the script on this very server and you are welcome to join the recipient list.


Send an email to or open an issue on GitHub.