News
Vulnerability-Lookup 2.7.0 released

Vulnerability-Lookup 2.7.0 released

March 27, 2025

 #release#screencast

We’re delighted to announce the release of Vulnerability-Lookup 2.7.0, packed with new features, enhancements, and bug fixes.

What’s New

Vendor and Product Management

Added support for extending or aliasing CPE names, allowing vendor and product names to be mapped. This addresses the issue of CPE fragmentation or inconsistency, where an organization might have multiple vendor names, or a single product is referenced by different CPE identifiers (e.g., "cpe:/a:oracle:java" vs. "cpe:/a:sun:java" for the same product).

The solution introduces organizations as unified containers, consolidating known CPE vendor names under a single entity. Related products are linked to this entity. Additionally, a curated list of CPE product name synonyms helps resolve naming discrepancies.

A point of contact (email/URL) can be added to an organization. #110

Public pages

List of organizations Organization page Product page

Management pages

Management of products

CPE product name management

New notifications for users

User notifications

Organization Membership

Users can now be part of one or multiple organizations in Vulnerability-Lookup. #110

New API endpoints

Introduced new endpoints to retrieve information about organizations and products. It is as well possible to get all CPE information related to a product or an organization, as a JSON file. (/organization/<uuid>/export_cpe_information and /product/<uuid>/export_cpe_information) #110

An example of export is available here: CIRCL_CPE.json

📂 To see the full rundown of the changes, users can visit the changelog on GitHub: https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v2.7.0

🙏 Thank you very much to all the contributors and testers!

New community on OSSBase

The Vulnerability-Lookup community is now hosted on OSSBase! 🎉

🔗 Join the discussion:
https://discourse.ossbase.org/t/vulnerability-lookup-2-7-0-released/35

Account creation is fully open!
Sign up, explore, and share your feedback—we’d love to hear your thoughts! 💡

Feedback and Support

If you encounter issues or have suggestions, please feel free to open a ticket on our GitHub repository. Your feedback is invaluable to us!
https://github.com/vulnerability-lookup/vulnerability-lookup/issues/

Follow us on Fediverse/Mastodon

You can follow us on Mastodon and get real time informationa about security advisories:
https://social.circl.lu/@vulnerability_lookup/

Hackathon

Join our upcoming Hackathon and contribute to Vulnerability-Lookup!

📅 When: 8th & 9th April in Luxembourg
📍 Where: www.parc-hotel.lu (120 Route d’Echternach L-1453 Luxembourg)

https://hackathon.lu

Vulnerability Report - February 2025