Positive Technologies Launches Global Portal with Data on 300,000+ Vulnerabilities

Positive Technologies has unveiled a comprehensive online portal that aggregates software and hardware vulnerability data from vendors around the world—aimed at helping cybersecurity professionals, ethical hackers, and businesses stay ahead of emerging threats.

The platform, which already catalogs over 317,000 vulnerabilities, includes detailed entries on each flaw, information about the researchers who discovered them, and vendor-provided remediation guidance. The database is updated regularly, adding approximately 1,000 new entries each week.

According to Positive Technologies, the launch comes at a critical time. Well-established vulnerability databases—such as the National Vulnerability Database (NVD) and the Common Vulnerabilities and Exposures (CVE) system—have faced periodic delays in publishing updates, in part due to reduced funding for MITRE, the nonprofit that oversees CVE identifiers.

These delays can give malicious actors a dangerous head start, exploiting unpatched vulnerabilities before organizations are even aware of them. Without timely data, companies struggle to update infrastructure, and developers can't feed critical threat signatures into detection tools.

Beyond the timing issue, cybersecurity professionals—both globally and within Russia—have flagged inconsistencies and omissions in existing vulnerability databases. In particular, reports from Russian researchers are often absent from CVE/NVD listings, though they may appear in regional sources such as the FSTEC database.

“Recognizing a growing need across the global cybersecurity community, we’ve created a publicly accessible platform that provides not just vulnerability listings, but deeper context—including remediation status and severity levels,” Positive Technologies said in a statement.

Currently, the portal hosts data on over 300,000 vulnerabilities and 45,000 researchers. What sets it apart, the company claims, is not just volume—but depth.

Drawing from a wide range of sources—including CVE/NVD, Reddit, Telegram, and X.com—Positive Technologies uses large language models (LLMs) to produce enriched summaries. These AI-generated entries often include critical details omitted from traditional listings.

For instance, while researchers who report vulnerabilities may go uncredited in MITRE’s registry, Positive Technologies makes a point of identifying and recognizing individual contributors. By parsing vendor websites with AI, the platform captures these attributions and adds them to its records.

The portal also tracks vulnerabilities trending within cybersecurity circles, providing dynamic rankings of the most widely discussed and pressing threats.

Looking ahead, Positive Technologies plans to introduce personalized newsfeeds, advanced filtering tools, and researcher profiles similar to those on bug bounty platforms. Users will be able to follow researchers, comment on vulnerabilities, and customize their threat monitoring experience.