Inventory Matcher
Upload your software inventory · get only CVEs that affect you · ranked by context score
Sample Inventory Format
software Apache HTTP Server OpenSSL Windows Server MySQL Log4j nginx
Boost Formula
boost = 1.0
+ 0.30 × inventory_matches
× 1.25 (if public exploit)
× 1.15 (if remote + unauth)
× 1.10 (if NETWORK vector)
context_score = min(prob_critical × boost, 1.0)
+ 0.30 × inventory_matches
× 1.25 (if public exploit)
× 1.15 (if remote + unauth)
× 1.10 (if NETWORK vector)
context_score = min(prob_critical × boost, 1.0)
Fuzzy matching via FuzzyWuzzy — software names are checked against NER entity tags and raw CVE descriptions (≥75% / ≥85% threshold).
Upload your software inventory
The system fuzzy-matches each software name against 200k+ CVEs and surfaces only those that affect your environment, ranked by context score.