Alerts
Use Alerts to triage CVEs that match your monitored software. This is the main workspace for deciding what needs investigation, what is already being handled, and what can be dismissed.
Tip
Start with Critical and High alerts, then enable KEV or PoC filters when you need to find the most exploitable risk first.
Common Tasks
Triage urgent findings
Filter to Critical and High alerts first. Review the CVE, affected software, severity, disclosure date, and description before assigning a status.
Use the CVE Detail page when you need remediation guidance, affected version ranges, references, CVSS metrics, EPSS, KEV, PoC, or CWE context.
Use exploitability signals
KEV and PoC filters help separate theoretical risk from vulnerabilities with evidence of real-world exploitation or public exploit material.
Prioritize KEV findings when they affect exposed or business-critical systems.
Track response status
Use statuses to keep triage visible:
| Status | Use when |
|---|---|
| Unknown | The alert has not been reviewed yet. |
| In Progress | The team is validating, patching, or mitigating. |
| Fixed | Your team has confirmed remediation outside CVEalert. |
| Dismissed | The alert does not apply or no action is needed. |
Warning
Marking an alert as Fixed does not verify remediation. Confirm patching, mitigation, or non-applicability in your own environment first.
Update multiple alerts
Bulk status changes are useful when several alerts share the same remediation decision. Use them after confirming that the selected alerts belong together.
Notes
- Alerts are generated from monitored software and configured severity thresholds.
- Search by CVE ID, vendor, or software when investigating a known issue.
- Lower severity alerts can still matter when they affect exposed systems or combine with other weaknesses.