CVE stands for Common Vulnerabilities and Exposures. It's
of publicly known security vulnerabilities, maintained by
When a new vulnerability is registered with CVE,
it is announced on Twitter via
. As of now
this appears to be the only way to receive incremental
CVE list updates, directly from the source.
Updates by email
CVE-monitor is a simple PHP script that checks @CVEnew feed
and relays all new entries to the list of email recipients.
It is primarily meant for people who use email-centric
workflow, relying on mailing lists for receiving
updates on subjects of interest.
CVE-monitor is open source, released under the 2-clause BSD license.
CVE-monitor on GitHub
It has minimal dependencies and it's fairly simple to set up.
We also host an instance of the script on this very server and
you are welcome to join the recipient list.
- You will receive an email with a confirmation link that you will
need to visit and then one email for each new Tweet from @cvenew.
- No other types of emails are sent.
- Every email includes an unsubscription link.
- The subscriber list is never shared with anyone.
- Emails are in text format.
is an example of the content.
- The script checks for new tweets once an hour.
Send an email to email@example.com
open an issue