// user guide
Follow these steps to get the most out of your threat intelligence dashboard.
// getting started
Go to the Dashboard and type a vendor or software name into the search bar — for example Windows, Chrome, Apache, or Cisco. Press Enter or click Search.
💡 You can also click Latest Critical to instantly load the most recent critical-severity CVEs.Use the checkboxes in the left sidebar to narrow results to the severity levels that matter to you — Critical, High, Medium, or Low. The charts update automatically as you filter.
💡 For urgent threats, check only Critical and High.Click View Details on any CVE card to open a detail panel. This shows the full description, exact CVSS score, publication date, and links to official references and patches.
💡 References often link directly to the vendor's patch or advisory page.Click Watch on any CVE card (or the Save button inside the detail panel) to add it to your watchlist. Watchlisted CVEs are saved to the database so they persist between sessions.
💡 Click the Watchlist tab at the top of the results area to review all your saved CVEs.Go to the Breach Check page and enter any email address. CyberAware will query the XposedOrNot database and tell you if that email appeared in any publicly known data leaks.
💡 If breaches are found, follow the on-screen recommendations and change your passwords immediately.// features
Search the National Vulnerability Database by vendor or software name. Results show description, CVSS score, and severity.
Instantly filter results to Critical, High, Medium, or Low severity. Bar and doughnut charts visualize the distribution.
Save CVEs you care about to a persistent watchlist stored in Supabase. Access your list anytime from the Dashboard.
Check any email address against XposedOrNot's database of public data breaches. See which services were compromised.
// data sources
Maintained by NIST (National Institute of Standards and Technology), a U.S. government agency. The industry gold standard for CVE data. No API key required. nvd.nist.gov
An open-source data breach aggregator that indexes publicly disclosed leaks. Free and no authentication required. xposedornot.com
// frequently asked questions
CVE stands for Common Vulnerabilities and Exposures. It's a standardized identifier for publicly known cybersecurity vulnerabilities. Each CVE has a unique ID (e.g. CVE-2024-1234), a description, and a CVSS severity score assigned by NIST.
CVSS (Common Vulnerability Scoring System) rates a vulnerability's severity from 0.0 to 10.0. It factors in how easily a vulnerability can be exploited, whether it requires authentication, and what impact it has. Scores 9.0–10.0 are Critical, 7.0–8.9 are High, 4.0–6.9 are Medium, and 0.1–3.9 are Low.
No. Your email is sent to our backend server, which forwards it to the XposedOrNot API and returns the result. We do not log or store email addresses. The request is proxied server-side solely to avoid exposing the external API call from your browser.
CyberAware queries the NVD API in real time every time you search, so results are always current. The NVD database is updated continuously as new vulnerabilities are discovered and analyzed by NIST.
Some CVEs are newly published and haven't yet been fully analyzed by NIST. They may show "?" or "Unknown" for severity until the NVD team assigns a CVSS score. This usually happens within a few days of initial publication.