Security teams often know when a vulnerability is disclosed. The real challenge is knowing when that vulnerability becomes actively exploitable.
That challenge is exactly why we built CVEAlertor.
The idea came after a client was compromised shortly after a public proof-of-concept (PoC) exploit was released for a newly disclosed vulnerability. The vulnerability was public, the exploit was public, but the information never reached the right people quickly enough.
In cybersecurity, one of the most dangerous windows is the period between:
"A public exploit exists" and "We haven't patched yet."
CVEAlertor was designed to close that gap.
What CVEAlertor Already Did
CVEAlertor continuously monitors the products you use and instantly notifies you when new CVEs are published.
Whether you run:
- VMware ESXi
- Zabbix
- Microsoft Exchange
- Roundcube
- Apache products
- Network appliances
- Or any other tracked software
You'll receive immediate Telegram alerts directly from NVD as soon as vulnerabilities are published.
Alerts include:
- CVE identifier
- Severity rating
- CVSS score
- Publication date
- NVD reference link
- Affected product information
No waiting for vulnerability scanners or third-party databases to catch up.
New Feature: Public PoC & Exploit Monitoring
We're excited to announce the next major feature:
Public Proof-of-Concept (PoC) Detection
CVEAlertor now continuously monitors tracked CVEs for newly published exploit code on GitHub.
When a public PoC appears, you'll receive an alert containing:
- CVE identifier
- GitHub repository
- Repository link
- Star count
- Discovery date
This provides a critical signal for vulnerability prioritization.
A vulnerability disclosure is important.
A working exploit published to the public internet is urgent.
In many cases, exploit code appears days or weeks after a CVE is disclosed. CVEAlertor keeps watching and alerts you the moment that changes.
How It Works
1. Track Your Products
Configure the products and technologies deployed within your environment.
2. Receive Instant CVE Alerts
Get Telegram notifications whenever a new vulnerability is published for tracked products.
3. Monitor Public Exploits
Daily GitHub monitoring identifies newly released PoCs and exploit repositories associated with tracked CVEs.
4. Stay Focused on New Threats
The first run creates a baseline and suppresses historical notifications.
You only receive alerts for genuinely new findings.
Built for Simplicity
CVEAlertor is designed to be lightweight and easy to deploy.
Features include:
- Pure Python implementation
- No external dependencies
- Telegram integration
- Service mode support
- Automatic persistence across reboots
- Minimal resource consumption
Deploy it once and let it continuously monitor the vulnerabilities that matter to your infrastructure.
Open Source and Free
CVEAlertor is fully open source and available free of charge.
GitHub Repository:
https://github.com/RedSideSecurity/CVEAlertor
What's Next?
The next major release will expand monitoring beyond public sources.
Planned capabilities include:
- Dark web marketplace monitoring
- Underground forum monitoring
- Exploit sales tracking
- Threat actor discussions
- Early exploit intelligence
The goal is to provide visibility not only when exploit code becomes public, but also when it begins circulating privately among threat actors.
Final Thoughts
Security teams cannot patch every vulnerability immediately.
Prioritization matters.
Knowing that a CVE exists is useful. Knowing that working exploit code has just been released is often the information that changes everything.
CVEAlertor helps organizations monitor both events and react faster when vulnerabilities move from theoretical risk to active threat.
Track the CVEs that matter to your infrastructure and receive exploit intelligence the moment it appears.