The CVE feed Noxen scans against

Sources

Where the data comes from

The feed is a unioned, deduped index across three upstream sources. Each row in the table is a record count from the latest build.

Trust

How you can verify what's served

Every snapshot is signed with Ed25519. The Mac app verifies the manifest's signature against a bundled public key before importing any record. Sources are mirrored, not interpreted — Noxen never re-scores or fabricates CVE data.

• Public key 6GP2QJveFk90XWEdWn86AXY5h7CjnrV1LnfhjdlCgO8=
• Manifest URL feed.noxen.app/manifest.json
• Signing algorithm Ed25519 over canonicalised JSON (sorted keys at every level)
• Snapshot format Gzipped NDJSON (one JSON record per line, LF-delimited)

Live listings

Top recent critical CVEs

The most-recently-published critical-severity CVEs in the feed, deduped to one row per CVE ID, newest first. Refreshed when the feed itself rebuilds.

Top recent high-severity CVEs

Same shape as the critical list, one severity bucket down. High-CVSS findings still demand attention but typically allow a normal patch-cycle response.

By distribution

What Noxen tracks per distro

Per-ecosystem dashboards with the same headline numbers, framed for each distro.

• Ubuntu 24.04 LTSCVE coverage for Ubuntu 24.04
• Debian 12 BookwormCVE coverage for Debian 12
• Rocky Linux 9CVE coverage for Rocky 9 (incl. AlmaLinux + Red Hat backports)

Want to scan your fleet?

Noxen matches this feed against your installed package versions over SSH. Mac-native. Agentless. $79 one-time at launch.