Table of Contents
Getting Started
Prerequisites
- Python 3.8+ installed and available in PATH
- VulnCheck API Token (free at vulncheck.com)
- AI API Key (optional) - OpenAI, Anthropic, or Google for AI summaries
Quick Start Guide
-
Run the build script
This sets up the Python virtual environment and installs all dependencies.
# Windows build.bat # Linux/macOS chmod +x build.sh && ./build.sh -
Start the server
Launch the dashboard server. It will automatically open in your default browser.
# Windows run.bat # Linux/macOS ./run.sh -
Enter your API token
Click the settings icon (gear) in the top right and enter your VulnCheck API token. It will be securely encrypted.
-
Start searching!
Enter a CVE ID, CPE string, or vendor:product format to begin exploring vulnerabilities.
Search & Discovery
Supported Search Formats
| Format | Example | Description |
|---|---|---|
CVE ID |
CVE-2024-21762 |
Direct CVE lookup with full details and exploit data |
Full CPE |
cpe:2.3:a:apache:log4j:2.14.1:*:*:*:*:*:*:* |
Exact CPE match to find all associated CVEs |
Vendor:Product |
vendor=mediatek, product=mt6890 |
Fuzzy search by vendor and product name |
Search Logic
- Exact Match First: For CPE queries, the dashboard tries the exact match endpoint first
- Automatic Fallback: If no exact match is found, it automatically tries a fuzzy search
- Full Details: For each CVE found, complete vulnerability details including exploits are fetched
Search History
Your recent searches are saved and accessible via the dropdown next to the search box:
- Click the star icon to pin favorites to the top
- Click any history item to re-run that search
- Configure history limit (5-100 items) in settings
- Clear history anytime from the settings panel
Filtering & Analysis
Available Filters
Severity Filters
Filter by severity level with multi-select support using OR logic:
Critical High Medium Low
Exploit Maturity
Filter by exploit availability and maturity level:
Weaponized PoC Available No Known Exploit
KEV Status
Show only CVEs in known exploited vulnerability catalogs:
CISA KEV VulnCheck KEV
Threat Intelligence
Filter by threat actor associations, ransomware, or botnet involvement.
Quick Filters
Click any highlighted badge in the CVE detail modal to instantly apply a filter. The filter bar shows all active filters with one-click removal.
Charts & Visualization
Severity Distribution
Interactive stacked bar chart showing Exploitable vs Not Exploitable CVEs per severity level. Click any segment to filter results.
Timeline Analysis
View CVEs by Published Date or Last Modified Date. Toggle between year and month groupings for detailed analysis.
Exploit Maturity Pyramid
3-tier pyramid visualization showing Weaponized, PoC, and No Exploit counts. Hover for preview, click to filter.
Custom Pivots
Create your own pivot charts on any field. Supports Bar, Doughnut, Pie, and Polar Area chart types.
Creating Custom Pivots
- Click the + button in the charts section
- Select a field to pivot on (Vendor, Product, Version, etc.)
- Choose your preferred chart type
- Click Create - your pivot is saved automatically
Custom pivots persist across sessions. Click the chart type icon to rotate through different visualizations.
AI-Powered Summaries
Supported AI Providers
- OpenAI - GPT-4o-mini (fast, cost-effective)
- Anthropic - Claude Sonnet (balanced quality)
- Google - Gemini 1.5 Flash (fast)
- Custom - Any OpenAI-compatible endpoint
Detail Levels
| Level | Audience | Style |
|---|---|---|
| Executive | C-suite, board members | 3-4 sentences, business risk focus, no jargon |
| Balanced | IT professionals, managers | 5-6 sentences, severity + remediation priority |
| Technical Detail | Security engineers, analysts | 8-10 sentences, attack vectors, IOCs, specific fixes |
Using AI Summary
- Configure your AI provider in Settings > Advanced > AI Agent
- Open any CVE detail modal
- Click the "Smart Summary" button
- Adjust detail level and language using the controls
- Click "Regenerate" for a fresh summary
Risk Burn Rate Model
The dashboard includes a sophisticated financial risk quantification model that calculates potential loss from unpatched vulnerabilities and tracks risk accumulation over time.
Key Metrics
Potential Loss (L)
Estimated maximum financial impact if the vulnerability is exploited. Calculated from breach cost, exposure ratio, and threat factors.
Burn Rate (B)
Rate at which risk accumulates per hour until remediation. Displayed as $/hour countdown in the Risk Odometer.
Calculation Factors
| Factor | Weight | Description |
|---|---|---|
| EPSS Score | ████ | Exploitation Prediction Scoring System probability |
| CVSS Score | ███ | Common Vulnerability Scoring System severity |
| Exploit Maturity | ██ | Weaponized / PoC / None status |
| Time Exposure | █ | Days since publication (capped at 180) |
Risk Multipliers
- CISA KEV status: ▲▲▲▲▲ exposure
- Ransomware association: ▲▲▲▲ exposure
- Public exploit available: ▲▲▲ exposure
- Commercial exploit available: ▲▲ exposure
- Botnet association: ▲▲ exposure
- Threat actor associations: ▲ per actor (max 5)
Industry Presets
Select your industry in Settings > Advanced > Risk Model Assumptions to auto-fill appropriate breach costs and SLA windows:
Finance Healthcare Critical Infrastructure Technology Retail
CSV Import & Host View
Importing CSV Files
- Click the CSV section or drag a file onto the upload area
- The dashboard auto-detects column types (CVE, CPE, IP, hostname)
- Select which columns to use for searching and host identification
- Click Confirm to begin processing
Column Auto-Detection
| Type | Pattern | Example |
|---|---|---|
| CVE | CVE-YYYY-NNNNN | CVE-2024-21762 |
| CPE | cpe:2.3:... | cpe:2.3:a:apache:* |
| IP Address | N.N.N.N | 192.168.1.100 |
| Hostname | FQDN patterns | server.example.com |
Host-Centric View
After importing a CSV with host data:
- A "Host View" button appears in the view toggle
- Hosts are sorted by critical CVE count (highest risk first)
- Each host card shows severity breakdown and threat indicators
- Click a host card to see detailed CVE list, charts, and AI assessment
- All filters apply consistently across host view
Export Options
Export JSON
Full API response data including all fields and metadata. Best for programmatic use or re-import into other tools.
Export CSV
Respects visible columns from table settings. Smart row expansion for CVEs with multiple associated hosts.
Export PDF
Professional CVE or Host reports with AI analysis, risk metrics, charts, and all relevant details.
Dashboard PDF
Summary view with severity chart, maturity pyramid, timeline, and top CVE table. Great for executive reporting.
Settings & Configuration
Main Settings
- Theme: Default Dark, Light Minimal, Dark Hacker, Corporate (Dusty Navy)
- Custom Skins: Create branded themes from your company URL or manual color selection
- Language: English, Chinese, Japanese, French, Spanish, German
- API Token: Your VulnCheck API key (AES-256 encrypted storage)
Custom Brand Skins
Create personalized themes that match your organization's branding:
- Go to Settings → Appearance
- Click Create New in the Custom Skins section
- Enter your company's website URL (e.g., https://www.company.com)
- Click Extract to discover logos and brand colors
- Select your preferred logo from the discovered options
- Review the extracted colors (click to select/deselect)
- Choose Dark or Light theme mode
- Click Preview Theme to see the result
- Click Apply to use the theme
Switch to the Manual tab to pick colors directly:
- Primary Color: Main UI accent color
- Background: Base background color
- Text Color: Primary text color
- Accent Color: Highlight color for buttons/links
- Logo: Upload your company logo (optional)
When a brand logo is set, it automatically appears in:
- Dashboard header (top-left corner)
- CVE vulnerability PDF exports
- Host assessment PDF exports
- Dashboard summary PDF exports
- Apply: Click the checkmark to apply a saved skin
- Export: Download the skin as a JSON file for backup or sharing
- Delete: Remove the skin from your saved list
- Import: Load a skin from a previously exported JSON file
Advanced Settings
Control how aggressively API requests are batched:
- Gentle (1): Slow, minimal server load
- Light (2): Conservative speed
- Normal (3): Balanced (default)
- Eager (4): Faster fetching
- Hungry (5): Maximum speed
- Provider: OpenAI, Anthropic, Google, or Custom endpoint
- Endpoint: API URL (auto-filled for known providers)
- API Key: Your provider's API key (encrypted)
Use the Validate button to test your API key connection.
- Industry: Select for preset values
- Annual Revenue: Your organization's revenue ($)
- Avg Breach Cost: Industry average data breach cost ($)
- SLA Hours: Remediation windows by severity (KEV, Critical, High)
Customize AI prompts for CVE and Host summaries. Available template variables:
{cve_id} {severity} {cvss} {epss} {description} {products} {kev_status} {exploits} {threat_actors}
Click Reset to Default to restore the original prompt.
Keyboard Shortcuts
| Shortcut | Action |
|---|---|
| Escape | Close modal / Clear search |
| Enter | Execute search |
| ← → | Navigate previous/next CVE in modal |
Troubleshooting
Run the build script first to set up the Python environment:
# Windows
build.bat
# Linux/macOS
./build.sh
The server will automatically try the next available port. Or stop any existing instance:
run.bat --stop
- Make sure the server is running (
run.bat) - Check
server.logfor error messages - Verify no firewall is blocking port 8500
- Verify your VulnCheck API token is correct
- Check token permissions at vulncheck.com
- Try regenerating a new token
- Clear browser localStorage:
localStorage.clear()in browser console - Refresh the page
- Try applying filters again
- Verify AI API key is configured in Advanced Settings
- Check that the selected provider endpoint is reachable
- Use the Validate button to test your API key
- Check the browser console (F12) for error messages
Ensure your CSV import includes hostname or IP address columns. The dashboard auto-detects these based on column content patterns. Check the column selection modal to verify the correct columns are identified.
Version History
Release history and key feature highlights for VulnCheck Dashboard.
v2.5.4 — Visual Polish & Documentation (Feb 2026)
- Chart color harmonization across all visualizations (pyramid, pivots, viz tiles)
- Breathing animation on CVE timeline dots and main page mini dots
- Horizontal wave line effect in sample data timeline section
- Version info in settings panel with link to help page
- Print-friendly help documentation with professional PDF layout
v2.5.3 — Breach Cost & Timeline Enhancements (Feb 2026)
- CVE Timeline V2 with individual event dots, even spacing, and smart clustering
- Breach cost counter with real-time roller animation and YoY comparison
- Compact PDF export with inline severity/CVSS/EPSS header
- KEV multi-highlight for both CISA and VulnCheck KEV dates
- Threat intelligence timeline events (threat actors, ransomware, botnets)
v2.5.2 — UI Polish (Feb 2026)
- Column settings merged into Table Settings modal
- Copy summary button in CVE modal header
- EPSS score and percentile merged into single badge
- Light theme font visibility fixes for colored badges
v2.5 — CVE Timeline Enhancement (Feb 2026)
- Clustered timeline design with hover popup above dots
- Bidirectional highlighting between timeline dots and info badges
- NVD, KEV, Exploit, Threat, Canary, and EPSS event categories
- View toggle between Timeline and Classic views
- Full light theme compatibility
v2.4 — UX Polish (Feb 2026)
- Host view expand/collapse functionality
- Host smart summary with level and language controls
- Compact multi-column PDF layout for host exports
- Auto-scroll to generated AI summary
v2.3 — Risk Burn Rate Model (Feb 2026)
- Financial risk quantification with configurable assumptions
- Real-time burn rate meter and cost projections
- Risk reduction tracking as vulnerabilities are remediated
- Exportable risk reports for executive stakeholders
v2.2 — AI Integration (Feb 2026)
- AI-powered smart summaries with multi-provider support
- Configurable summary detail levels and languages
- Executive, technical, and remediation summary modes
v2.1 — MITRE ATT&CK Integration (Jan 2026)
- MITRE ATT&CK tactic and technique mapping per CVE
- Custom pivot charts for ATT&CK data visualization
- Filter by ATT&CK tactics and techniques
v2.0 — Host-Centric View (Jan 2026)
- Host-grouped vulnerability view from CSV imports
- Per-host risk scoring and severity breakdown
- Host detail modal with vulnerability table
- Batch PDF export for host reports
v1.5 — Visualization & Filtering (Jan 2026)
- Interactive severity distribution and timeline charts
- Exploit maturity pyramid visualization
- Custom pivot charts with click-to-filter
- Multi-criteria filtering with AND/OR logic
v1.0 — Core Features (Jan 2026)
- CVE and CPE search with VulnCheck API integration
- CSV batch processing with progress tracking
- Sortable results table with severity indicators
- CVE detail modal with exploit intelligence
- PDF export for individual CVEs
- Dark and light theme support