Vulnerability Management
CVE lookup via NVD, CISA KEV integration, and per-host patch gap tracking.
Route:
/vuln-managementHow it works
OverviewHow Vulnerability Management Works
GuardFoxCopilot queries the NIST NVD API and CISA KEV catalog to provide real-time CVE data, enriched with:
- CVSS v3.1 base score and vector
- EPSS probability (likelihood of exploitation in the next 30 days)
- CISA KEV status (actively exploited, federal patch deadline)
- Affected product matching against your asset inventory
- Patch availability and vendor advisory links
Data flow
NVD API → normalise → enrich with KEV → match to assets → risk score → alert if EPSS > thresholdNVD rate limits
NVD free tier: 5 requests/30 seconds. With an NVD API key: 50 requests/30 seconds.
GuardFoxCopilot caches CVE results for 24 hours to stay within limits.
NVD API key setup
SetupSetting Up the NVD API Key
Without an API key, CVE lookups are rate-limited to 5/30s and may timeout.
- Go to nvd.nist.gov/developers/request-an-api-key
- Register with your email — key arrives within minutes
- In GuardFoxCopilot: Settings → Integrations → NVD API Key
- Paste the key and save
The timeout for NVD requests is set to 20 seconds by default. If you see timeout errors, increase this in Settings → Advanced → NVD Timeout.
CISA KEV
No API key needed. GuardFoxCopilot fetches the KEV catalog daily from the CISA public JSON endpoint and cross-references all tracked CVEs automatically.