io is a vulnerability intelligence platform designed for security teams seeking real-time awareness of software vulnerabilities that affect their technology stack. The platform continuously monitors software products for new CVEs (Common Vulnerabilities and Exposures) and delivers alerts enriched with context such as EPSS (Exploit Prediction Scoring System), CVSS (Common Vulnerability Scoring System), KEV (Known Exploited Vulnerabilities), and CWE (Common Weakness Enumeration) to help teams prioritize remediation efforts.
Key features include real-time CVE monitoring, alert routing to email, Slack, Microsoft Teams, Jira, and webhooks, and the ability to organize software assets into projects with scoped API tokens and granular permissions. Users can filter alerts by severity, EPSS score, or exploit status, and the platform supports multi-project workspaces, team member management, and project-specific alerting. io also provides deep links to CWE and CAPEC (Common Attack Pattern Enumeration and Classification) databases for further vulnerability analysis. The developer API offers project-scoped tokens, resource-level permissions, and tier-based rate limits. A SQL-like query language, CVEQL, allows for advanced threat-hunting across the CVE corpus, supporting filters by CVSS, EPSS, vendor, CWE, and date range. Webhook delivery logs with retry logic and payload auditing are also available for debugging integrations.
io integrates with popular tools and platforms such as Slack, Microsoft Teams, Jira, Splunk, and supports RSS feeds and a Chrome extension for CVE lookups. Alert routing and integrations can be configured per project, supporting a variety of workflows for security teams and researchers.
The service is offered with a tiered pricing model, including a free plan for individual researchers that provides one project, ten product subscriptions, one team member, and limited API and CVEQL requests per minute. Paid plans scale up to support more projects, product subscriptions, team members, and higher API limits, with advanced features such as Slack and Microsoft Teams integration, two-factor authentication, activity logs, and one-on-one support. All plans include access to the full CVE database, EPSS data, and email alerts.
cvefeed-mcp sits in PulseGate's API design, testing & docs category. It focuses on providing a Model Context Protocol server for accessing vulnerability intelligence data via API. cvefeed-mcp is an open-source project aimed at security researchers and developers. The project is open source (MIT). cvefeed-mcp is available on the web, the command line, and API.
cvefeed builds and maintains cvefeed-mcp, and the product first shipped in 2026. The project is developed in the open on GitHub with 3 commits in the last 90 days. Across PulseGate's embedding index, cvefeed-mcp has few near neighbours, marking it as relatively distinct. Among its 5 catalogued features are MCP server, vulnerability intelligence, and API integration. It exposes integrations via an MCP server and a public API.
Latest indexed changes and source events
cvefeed.io discovered by the PulseGate indexer
Other apps tracked under the same category.