About This Site

Cyber Posture and Threat Data tracks CVE vulnerabilities with a focus on AI and machine learning systems, updated daily from public security data sources. The Vulnerabilities view covers all high-severity CVEs; the AI Vulns view filters to CVEs affecting AI software and maps them to MITRE ATLAS and OWASP Top 10 for LLMs. Charts and CVE detail pages are generated automatically by a local Python pipeline backed by a MongoDB database.

Data Sources

NVD — National Vulnerability Database

CVE identifiers, English descriptions, CVSS v3.1 scores and vectors, weakness (CWE) mappings, and reference URLs. Fetched daily via the NVD REST API 2.0.
EPSS — Exploit Prediction Scoring System

Daily-updated probability (0–1) that a CVE will be exploited in the wild within the next 30 days. Published by FIRST.org. Higher EPSS = higher urgency for patching.
CISA KEV — Known Exploited Vulnerabilities Catalog

CISA’s authoritative list of CVEs confirmed exploited in the wild. KEV-listed CVEs are shown in red on the charts.
MITRE ATLAS

Adversarial Threat Landscape for AI Systems — AI-specific attack tactics and techniques. AI-related CVEs are mapped to relevant ATLAS techniques where applicable.
OWASP Top 10 for LLMs 2025

OWASP’s ten most critical security risks for Large Language Model applications. Used to categorize LLM-specific vulnerabilities.
xAI Grok

Each CVE detail page includes a synthesized security summary generated by the Grok LLM from NVD description and reference advisory content. Summaries are cached and regenerated when NVD data is updated.

Daily Pipeline

A cron job runs the following pipeline once per day:

Download new CVE records from the NVD API (60-day lookback window)
Update EPSS scores for all tracked CVEs
Classify CVEs as AI-related using keyword matching against descriptions and advisories
Generate CVE detail pages with Grok-synthesized summaries (cached per CVE; regenerated when NVD lastModified changes)
Generate interactive EPSS scatter plots for all CVEs and AI-only CVEs (7-day, 30-day, 180-day windows)
Upload changed files to this server via SCP

CVE Detail Pages

Each high-severity CVE appearing in the charts has a detail page at /cve/CVE-XXXX-XXXXX.html. Detail pages include:

CVSS score, vector, and severity classification
EPSS score and percentile
CISA KEV status and date added (if applicable)
NVD description and CWE weakness categories
Grok-generated security summary covering attack scenario and remediation
MITRE ATLAS technique mappings (AI-related CVEs)
OWASP Top 10 for LLMs 2025 categories (LLM-specific CVEs)
Reference advisory links

How to Read the Charts

Each dot on the scatter charts represents one CVE. The X axis shows how many days ago the CVE was published (0 = today, higher = older). The Y axis shows the EPSS score on a log scale — higher means more likely to be exploited.

Red dots are on the CISA KEV list (confirmed exploited in the wild). Black dots are not on KEV but meet the CVSS threshold for the chart.

Click any dot or label to open the CVE detail page for that vulnerability in a new tab.