PulseGateLive intelligence on AI-era software
Coverage
172,537

Software tracked

 

Freshness
53 min ago

Last update

 

Cadence
894/day

7-day average

Indexed today: 781

PulseGate

Live intelligence on the software shipping in the AI era — apps, models, agents, and infra.

Software is shipping faster than ever, and a growing share of it lives outside the official app stores. PulseGate tracks it live — free, for builders, analysts, and everyone keeping up.

Platform

  • All Apps
  • Categories
  • Industry Updates
  • Data Sources
  • Coverage Rules
  • Glossary
  • Embed Widget

Support

  • Help Center
  • Suggest a URL
  • Report an Issue

Company

  • About
  • Press & Data
  • Contact
  • Platform Status

Legal

  • Privacy
  • Terms
  • Disclaimer

© 2026 PulseGate. Operated by Dymaxio s.r.o., Prague, Czech Republic.·

All systems operational
PulseGate
REreel-vex logo
reel-vex
Visit ↗
  1. Home/
  2. Infrastructure & Backend/
  3. reel-vex
←Back to results
Rreel-vex logo

reel-vex

getreel.dev·Infrastructure

reel-vex is an open-source platform designed to aggregate and manage VEX (Vulnerability Exploitability eXchange) statements, focusing on software vulnerability information from multiple Linux vendors. The service addresses the challenge of determining which vulnerabilities are relevant or actionable in a given software context by centralizing vendor statements and providing tools for annotation and analysis.

The platform enables users to search for vendor VEX statements by entering a CVE ID, allowing them to see every vendor statement associated with that vulnerability. reel-vex supports the upload of SBOMs (Software Bill of Materials) in CycloneDX format, VEX documents in OpenVEX or CycloneDX VEX formats, or both. Users can drop these files directly into the platform or interact programmatically via a documented HTTP API. When a CycloneDX SBOM with a vulnerabilities section is provided, the tool returns the SBOM annotated with the vendor's verdict on each vulnerability. If only SBOM components are provided, vulnerabilities are filled in from vendor data and then annotated. Uploading only a VEX document results in an OpenVEX document with user statements merged and vendor views presented alongside. When both SBOM and VEX are supplied, the tool annotates the SBOM, giving precedence to user-provided VEX statements over vendor verdicts in case of conflict.

reel-vex aggregates VEX data from a range of Linux vendors, including Oracle, Amazon, Red Hat, SUSE, Ubuntu, Debian, Alpine, AlmaLinux, and Rancher. This breadth allows users to analyze vulnerability relevance across diverse distributions. The platform can also generate SBOMs using the 'reel export sbom' command, which scans container images for vulnerabilities and outputs them in CycloneDX format.

The service is free and open source, making it accessible for organizations or individuals seeking to enhance their vulnerability management and compliance workflows. reel-vex is positioned as a VEX hub, providing a unified interface for querying, annotating, and merging vulnerability statements from multiple sources.

Open SourceApache-2.0
WebAPISelf-hosted
R
reel-vex preview
Visit getreel.dev↗
⭐1
star
✓5
features
📅2026
since

Overview

5 features

In the Infrastructure & Backend space, reel-vex takes a focused approach. It focuses on aggregating and querying vulnerability information (VEX) across multiple vendors for software supply chain security. reel-vex is an open-source project aimed at security engineers and DevOps teams. The project is open source (Apache-2.0). It runs on the web and API, and it can be self-hosted.

It is developed by reel, and the product first shipped in 2026. The project is developed in the open on GitHub with 93 commits in the last 90 days. Among its 5 catalogued features are VEX aggregation, SBOM upload, and CVE search. It exposes integrations via a public API.

  • ✓VEX aggregation
  • ✓SBOM upload
  • ✓CVE search
  • ✓API access
  • ✓Open source

Tags

vex-hubsbom-annotationcve-querysoftware-supply-chainopenvex

Built with & integrations

Framework
nextjs
Hosting
netlify
Connectors
API
Runs on
BrowserAPI-onlySelf-hosted

Trust & compliance

LicenseApache-2.0
Verified signals
✓ HTTPS✓ Open Source✓ Free tier✓ GitHub · ★ 1✓ Active maintenance

Recent events

Latest indexed changes and source events

  1. IndexedJul 13, 11:29 PM

    Show HN: Free API of 248M aggregated VEX statements: 45% of CVEs not affected verified by the PulseGate indexer

    Source: PulseGate indexerOpen ↗

Frequently asked questions about reel-vex

What is reel-vex?
Reel-vex focuses on aggregating and querying vulnerability information (VEX) across multiple vendors for software supply chain security. It is catalogued under Infrastructure & Backend on PulseGate.
Who should use reel-vex?
reel-vex is an open-source project built for security engineers and DevOps teams.
Does reel-vex have a free plan?
Yes — reel-vex is open source under the Apache-2.0 license and free to use.
What platforms does reel-vex run on?
reel-vex runs on the web and API. It can also be self-hosted.
Is reel-vex still active?
PulseGate's automated liveness checks currently classify reel-vex as active. The GitHub repository shows 93 commits in the last 90 days.
What tools are similar to reel-vex?
Similar tools tracked by PulseGate include vexcalibur, Vuln0x, and cve-risk-analyzer.vexcaliburVuln0xcve-risk-analyzer
Who develops reel-vex?
reel-vex is developed by reel.
How long has reel-vex been around?
reel-vex first shipped in 2026.

At a glance

Pricing
Open Source
Platforms
Api · Web
Languages
English
Open source
Yes · ★ 1
License
Apache-2.0
First seen
Jul 13, 2026
Activity
🟢 Active
Status
🟢 Active
Built for
security engineers and DevOps teams
Model
Open source
Solves
Aggregating and querying vulnerability information (VEX) across multiple vendors for software supply chain security.

Developer

reel
Small team
↗ GitHub

Open source

View on GitHub →
⭐ Stars
1
🍴 Forks
0
Open issues
0
Last commit
2d ago
Commits 90d
93
Contributors
2
Authorship
Small team
Default branch
main
Latest release
v0.11.1 · 2d ago

Live coverage

Confidence
High · 95
Indexed
Jul 13, 2026
Lifecycle
Alive
Activity
Active
First seen
Jul 2026
Last seen
2d ago
Identity audit (9)
Entity ID
cmrjuuftx09xrcwu5p5xepynw
Slug
show-hn-free-api-of-248m-aggregated-vex-statements-45-of-c-getreel-dev
Verification state
Indexed for public listing
Claim / listing state
Unclaimed · listed: yes
Index status
Included in index
Latest evidence snapshot
Jul 13, 2026
Timeline basis
Indexed-at chronology (no inferred launch/funding milestones).
Last updated
Jul 14, 2026
Canonical URL
https://getreel.dev/vex

Similar apps

Other apps tracked under the same category.

  • vexcalibur
    pypi.org
  • Vuln0x
    vuln0x.com
  • cve-risk-analyzer
    pypi.org
  • VEXA CLI
    github.com
  • Vexl
    vexl.it
  • Vexlab
    vexlab.app