16.08.2023
3 min
1813
In cybersecurity, the speed of information is often everything. While official databases are being updated, vulnerabilities are already actively discussed in professional communities, social networks and researcher reports. That is why aggregators of trending CVEs are becoming an important tool for analysts, pentesters and SOC teams.
This article collects services that track the most discussed and relevant vulnerabilities, analyzing mentions in X, Fediverse, Reddit, news feeds and specialized resources. They allow you to quickly understand which CVEs are currently in the focus of the community’s attention and may pose an increased risk to the infrastructure.
An aggregator that displays the top 10 most discussed vulnerabilities on social networks per day. For each CVE, a conventional popularity “thermometer” is used, which allows you to quickly assess the level of community attention to a specific threat.
A service that collects data on popular vulnerabilities from decentralized social networks Fediverse, including Mastodon. Focuses on tracking CVE discussions on alternative social platforms and unofficial communication channels.
A selection of trending vulnerabilities from threat intelligence platform Feedly. The service provides a timeline that reflects key stages in the CVE lifecycle, including first mentions and appearance in public catalogs.
One of the most mature aggregators that ranks trending vulnerabilities based on mentions in various open sources. The platform allows you to assess the dynamics of interest in CVEs and compare them with each other.
Vulnerability aggregator from SOCRadar, created as a replacement for the closed project CVETrends. Focused on analyzing CVE discussion and their relevance, taking into account changes in access to social APIs.
A platform with advanced vulnerability search, where the “Discussed in social networks” dashboard is available. In addition, the service offers various thematic selections, including daily tops, news reviews, and analytical materials.
A resource maintained by Luxembourg CERT that combines vulnerability data with information about their mentions on social media. Weekly CVE tops and an API for obtaining statistics are available.
A Reddit community that publishes a daily roundup of the ten most discussed and interesting vulnerabilities. The source is useful for quickly getting acquainted with current topics in the community.
An AI-powered cybersecurity news aggregator. In the vulnerabilities section, each CVE is assigned a “temperature” label that reflects the intensity of media discussion over a certain period.
A vulnerability aggregator that analyzes discussions on the BlueSky decentralized network. For each CVE, a description, CVSS score, exploit information, CISA KEV catalog availability, and useful external links are provided.
A platform from Positive Technologies that displays trending vulnerabilities and their discussion statistics. Available data on activity on the X social network, timelines, and post texts from various sources.
Aggregator of vulnerabilities discussed in Fediverse. The platform provides data on CVSS, EPSS, number of publications, repositories with PoC or exploits, as well as detection templates for Nuclei with the ability to export data.
A tool from Vulmon that shows vulnerability trends over the past few days. The service allows you to view historical CVE popularity and analyze changes in interest over time.
A new trending vulnerability aggregator that currently has limited data. Despite this, the platform looks promising and offers basic functionality for tracking current CVEs.
