VulnPath

Stop reading CVEs.
See the attack path.

Turn any CVE into an interactive attack chain graph and see what products in your environment are impacted. Built for security professionals who need to understand the blast radius — fast.

"You see a new Critical CVE. You pull up the NVD. You cross-reference the advisory with the CWE description, look for a PoC, and try to map out exactly what an attacker can reach. By the time you've done that for one CVE, 30 minutes are gone. VulnPath does this instantly."
01 — Interactive Attack Graph

The NVD tells you it's broken.
VulnPath shows you how it breaks.

Instantly see the relationship between entry points, attacker actions, and affected systems. Every node shows its role in the attack — who the attacker is, what they exploited, what system they landed on, and what the blast radius looks like.

The Old Way
nvd.nist.gov/vuln/detail/CVE-2024-XXXX
{
  "resultsPerPage": 1,
  "totalResults": 1,
  "vulnerabilities": [{
    "cve": {
      "id": "CVE-2024-XXXX",
      "sourceIdentifier": "...",
      "published": "2024-03-15T18:15:09.433",
      "lastModified": "2024-03-19T...",
      "vulnStatus": "Analyzed",
      "descriptions": [{
        "lang": "en",
        "value": "A use-after-free vulnerability in the XYZ subsystem allows remote unauthenticated attackers to execute arbitrary code via a crafted request to the affected endpoint. The issue stems from improper memory handling in versions prior to 2.1.4..."
      }],
      "metrics": {
        "cvssMetricV31": [{
          "cvssData": {
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL"
          }
        }]
      },
      "weaknesses": [{"description":[
        {"lang":"en","value":"CWE-416"}
      ]}],
      "configurations": [...]
    }
  }]
}
The VulnPath Way
vulnpath.app · CVE-2021-44228 · Log4Shell
VulnPath attack graph for Log4Shell CVE-2021-44228
02 — Step-by-Step Attack Chain

Not just what broke —
exactly how it was exploited.

Each CVE is broken into an ordered sequence of attack phases — from initial access through to full impact. Useful for writing incident response playbooks, building detection rules, or explaining the attack narrative during a debrief.

  • 3–6 ordered steps per CVE covering the complete attack lifecycle
  • Each step tagged by MITRE tactic: Initial Access, Execution, Persistence, Exfiltration, Impact
  • Steps rewrite automatically when switching to Simple mode
vulnpath.app · Attack Chain · EternalBlue
VulnPath attack chain panel
03 — Product Exposure Search

Know every CVE hitting your stack —
before attackers do.

Don't know the CVE? Start with the product. Enter any library, vendor, or system name and instantly surface every known CVE affecting it — each with severity scores and a full attack chain ready to explore.

  • Search any product, vendor, or library name
  • Every result shows CVSS score and exploitability at a glance
  • Click any CVE to open the full attack chain instantly
vulnpath.app · Product Search
VulnPath product exposure search results
04 — Tech Stack Blast Radius

Search a CVE and instantly know
if it impacts your environment.

Add any library, vendor, or framework used in your tech stack to see which of the CVEs you search affect your environment, with a full attack chain ready to explore for each one.

  • Add any library, vendor, or framework to your stack
  • Search any CVE and instantly see if it hits something in your stack
vulnpath.app · CVE-2021-44228 · Log4Shell
CVE-2021-44228
Apache Log4j2 Remote Code Execution via JNDI Lookup
⚠ Affects your stack: Apache Log4j
Your Tech Stack
Apache Log4j OpenSSL nginx Node.js Spring Framework
05 — Real-World Exploit Examples

See how attackers are
exploiting it right now.

For every CVE, VulnPath pulls live proof-of-concept exploits and public references directly from GitHub. Go beyond theory — see the actual tools, scripts, and techniques attackers are using in the wild.

  • Live PoC repos and public references pulled from GitHub per CVE
  • Star counts surface the most widely-used exploits at a glance
  • Instantly understand attacker tooling without leaving the app
vulnpath.app · Exploit Examples · Log4Shell
Exploit Examples & Public References
  • christophetd/log4shell-vulnerable-app: Demo vulnerable Spring Boot app (⭐ 2.6k)
  • mbechler/marshalsec: Java unmarshalling gadget chains (⭐ 3.1k)
  • fullhunt/log4j-scan: Vulnerable Log4j2 host scanner (⭐ 3.3k)
06 — Technical + Simple Mode

Audit-Ready Summaries
in One Click.

Stop writing executive summaries from scratch. Flip to 'Simple Mode' to instantly strip away the jargon. Copy and paste the results directly into Jira tickets, Slack updates, or C-suite briefings.

  • Every node, step, and CVSS metric has both a technical and simple version
  • Simple mode rewrites jargon into clear, direct language — no dumbing down
  • The entire interface updates instantly — no reloading, no separate view
vulnpath.app · CVE-2021-44228 · Log4Shell

Apache Log4j2 2.0-beta9 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.

Apache Log4j2 versions 2.0-beta9 through 2.15.0 contain a critical remote code execution vulnerability in their JNDI lookup functionality. Attackers can inject malicious LDAP references into log messages, which are then deserialized and executed by the application.


Free · no signup required
Six of the most exploited vulnerabilities ever discovered.
Click any CVE below to generate the full attack chain graph — every step from initial access to impact, mapped to MITRE ATT&CK.

Pricing

Simple pricing.
No surprises.

Subscribe now at our early adopter rate and keep this price for life as we add more Pro features.


Free
$0 / month

Basic features to explore CVEs and understand your attack surface.

  • Unlimited CVE & product lookups
  • Full attack chain graph
  • MITRE ATT&CK technique mapping
  • Tech stack blast radius monitoring
  • Favorites & saved CVEs
  • Up to 5 tech stack products
