About LinuxCVETracker

A free, independent Linux kernel
CVE tracker built for sysadmins

LinuxCVETracker is a free, community-focused tool for searching and tracking Common Vulnerabilities and Exposures in the Linux kernel. No paywalls. No accounts. No noise.

Search and filter

Find CVEs by severity, year, keyword, or exploited status. Designed to be fast for the way sysadmins actually look things up.

Email alerts

Subscribe to notifications when new kernel CVEs are published. Filter by severity so you only hear about what matters to you.

Vulnerability stats

Yearly trends, severity breakdowns, and headline numbers. Understand the shape of the Linux kernel vulnerability landscape at a glance.

KEV tracking

Actively exploited CVEs are flagged using the CISA Known Exploited Vulnerabilities catalog — the highest-signal filter for patching priority.

Where the data comes from

All CVE data is fetched daily from the NIST National Vulnerability Database (NVD) via their public API. LinuxCVETracker does not modify, editorialize, or supplement the NVD data — what you see here is a clean, filtered, and well-presented view of the official record.

CVE data is fetched daily from the NVD 2.0 API, typically refreshing between midnight and 6am UTC. New CVEs are usually visible on LinuxCVETracker within 24 hours of appearing on NVD. CVSS scores and severity ratings are assigned by NVD analysts and may lag behind CVE publication by days or weeks — this is why some CVEs appear as "Awaiting NVD" in the database. CISA KEV status is checked daily.

NIST National Vulnerability Database

The authoritative US government repository of CVE data. NVD enriches MITRE CVE records with CVSS scores, severity ratings, affected product information, and references. All NVD data is in the public domain.

nvd.nist.gov

CISA Known Exploited Vulnerabilities (KEV) catalog

CVEs marked as actively exploited in the wild are sourced from the CISA KEV catalog. CISA maintains this list and mandates federal agencies patch KEV entries within defined timeframes.

cisa.gov/known-exploited-vulnerabilities-catalog

NVD Attribution Notice

This product uses the NVD API but is not endorsed or certified by the NVD.

Why this exists

Existing Linux kernel CVE trackers are either paywalled, visually cluttered, or designed for enterprise security teams rather than the individual sysadmin trying to understand whether their kernel is exposed. LinuxCVETracker exists to be the tool that should exist but doesn't: free, clean, accurate, and built by someone who actually uses Linux.

This is an independent project, not a product. There are no investors, no sales team, and no upsell path. The goal is to be genuinely useful to the Linux community.

Always free. No paywalls, no accounts required for any core functionality.
Data integrity. We don't invent severity ratings or modify NVD data. If NVD says it's High, we say High.
No dark patterns. No manipulative notifications, no engagement metrics, no tracking beyond basic anonymous analytics.
Transparency about limitations. Data comes from NVD. NVD has gaps and delays. We surface this honestly — including the "Awaiting NVD" status for unscored CVEs.
Focused scope. Linux kernel CVEs only. Better to do one thing well than everything poorly.

Questions or data errors? [email protected]

A free, independent Linux kernelCVE tracker built for sysadmins

Where the data comes from

Why this exists

A free, independent Linux kernel
CVE tracker built for sysadmins