About Us

Software vulnerabilities are on the rise, making it more challenging than ever to stay informed on the risks to your software.

Offering a more comprehensive list of vulnerabilities than the National Vulnerability Database (NVD),
WhiteSource’s Vulnerability Center provides a free, searchable interface for the development community.

Our vulnerability database centralizes information about open source vulnerabilities including:

  • Language
  • CWE type
  • Severity level
  • Exposure level (how many organizations have been impacted)
  • Verified, suggested fixes
  • Chatter from the community (Twitter Feed)
  • More materials to help make smarter remediation decisions

Open source vulnerabilities are on the rise


The Vulnerability Center allows you to search for information on your vulnerabilities by either CVE or project name. With coverage for over 200 programming languages and vulnerabilities sourced from the NVD, a wide variety of security advisories, bug trackers, and more, we probably have what you are looking for. As our research extends beyond the limits of the NVD, some of the vulnerabilities listed on our center come with a “WS” designation, signifying that they are without a CVE ID.

Our goal is to build a community resource center for security professionals and developers seeking relevant info on the vulnerabilities facing their applications, sharing knowledge in an easy to access format.

As the community grows, expect additional resources like monthly spotlights of Top Open Source projects, analytical data on the most popular open source projects, and more.