{ "generated_at": "2026-03-19T02:26:48+00:00", "system_count": 62, "source_count": 173, "active_source_count": 118, "retired_source_count": 55, "systems_with_active_official": 61, "systems_with_machine_readable_source": 62, "systems": [ { "system_id": "adminer", "display_name": "Adminer", "category": "platforms", "tier": "rolling-24m", "source_total": 1, "active_source_total": 1, "retired_source_total": 0, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "category": "ecommerce", "tier": "history-full", "source_total": 5, "active_source_total": 2, "retired_source_total": 3, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "angular", "display_name": "Angular", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "apache-httpd", "display_name": "Apache HTTP Server", "category": "servers", "tier": "history-full", "source_total": 3, "active_source_total": 3, "retired_source_total": 0, "official_active": 3, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "apache-tomcat", "display_name": "Apache Tomcat", "category": "servers", "tier": "history-full", "source_total": 3, "active_source_total": 3, "retired_source_total": 0, "official_active": 3, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "aspnet-core", "display_name": "ASP.NET Core", "category": "frameworks", "tier": "rolling-24m", "source_total": 1, "active_source_total": 1, "retired_source_total": 0, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "astro", "display_name": "Astro", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "caddy", "display_name": "Caddy", "category": "servers", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "directus", "display_name": "Directus", "category": "cms", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "discourse", "display_name": "Discourse", "category": "cms", "tier": "rolling-24m", "source_total": 5, "active_source_total": 3, "retired_source_total": 2, "official_active": 2, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 3, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "django", "display_name": "Django", "category": "frameworks", "tier": "rolling-24m", "source_total": 4, "active_source_total": 3, "retired_source_total": 1, "official_active": 3, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "drupal", "display_name": "Drupal", "category": "cms", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "echo", "display_name": "Echo", "category": "frameworks", "tier": "rolling-24m", "source_total": 1, "active_source_total": 1, "retired_source_total": 0, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "esbuild", "display_name": "esbuild", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "express", "display_name": "Express", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "fastify", "display_name": "Fastify", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "flask", "display_name": "Flask", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "ghost", "display_name": "Ghost", "category": "cms", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "gin", "display_name": "Gin", "category": "frameworks", "tier": "rolling-24m", "source_total": 1, "active_source_total": 1, "retired_source_total": 0, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "gitea", "display_name": "Gitea", "category": "platforms", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "gitlab-ce", "display_name": "GitLab CE", "category": "platforms", "tier": "rolling-24m", "source_total": 3, "active_source_total": 3, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "grafana", "display_name": "Grafana", "category": "platforms", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "hapi", "display_name": "Hapi", "category": "frameworks", "tier": "history-full", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "haproxy", "display_name": "HAProxy", "category": "servers", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "jenkins", "display_name": "Jenkins", "category": "platforms", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "joomla", "display_name": "Joomla", "category": "cms", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "kibana", "display_name": "Kibana", "category": "platforms", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "koa", "display_name": "Koa", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "laravel", "display_name": "Laravel", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "magento-open-source", "display_name": "Magento Open Source", "category": "ecommerce", "tier": "history-full", "source_total": 3, "active_source_total": 3, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "mattermost", "display_name": "Mattermost", "category": "platforms", "tier": "rolling-24m", "source_total": 4, "active_source_total": 2, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "mediawiki", "display_name": "MediaWiki", "category": "cms", "tier": "rolling-24m", "source_total": 4, "active_source_total": 2, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "medusa", "display_name": "Medusa", "category": "ecommerce", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "moodle", "display_name": "Moodle", "category": "cms", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 0, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": false, "has_machine_readable_source": true }, { "system_id": "nestjs", "display_name": "NestJS", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "nextjs", "display_name": "Next.js", "category": "frameworks", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "nginx", "display_name": "Nginx", "category": "servers", "tier": "history-full", "source_total": 3, "active_source_total": 3, "retired_source_total": 0, "official_active": 3, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 2, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "nodejs", "display_name": "Node.js", "category": "frameworks", "tier": "history-full", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "nuxt", "display_name": "Nuxt", "category": "frameworks", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "opencart", "display_name": "OpenCart", "category": "ecommerce", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "openmage", "display_name": "OpenMage / Mage-OS", "category": "ecommerce", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "phpmyadmin", "display_name": "phpMyAdmin", "category": "platforms", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "prestashop", "display_name": "PrestaShop", "category": "ecommerce", "tier": "history-full", "source_total": 5, "active_source_total": 4, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 2, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "rails", "display_name": "Ruby on Rails", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "react", "display_name": "React", "category": "frameworks", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "redmine", "display_name": "Redmine", "category": "platforms", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "saleor", "display_name": "Saleor", "category": "ecommerce", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "shopware", "display_name": "Shopware", "category": "ecommerce", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "spring-boot", "display_name": "Spring Boot", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "spring-framework", "display_name": "Spring Framework", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "spring-security", "display_name": "Spring Security", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 1, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "strapi", "display_name": "Strapi", "category": "cms", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "sveltekit", "display_name": "SvelteKit", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "symfony", "display_name": "Symfony", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "traefik", "display_name": "Traefik", "category": "servers", "tier": "rolling-24m", "source_total": 2, "active_source_total": 2, "retired_source_total": 0, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "undici", "display_name": "Undici", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "vite", "display_name": "Vite", "category": "frameworks", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "vue", "display_name": "Vue", "category": "frameworks", "tier": "history-full", "source_total": 3, "active_source_total": 2, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "webpack", "display_name": "webpack", "category": "frameworks", "tier": "rolling-24m", "source_total": 3, "active_source_total": 1, "retired_source_total": 2, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "werkzeug", "display_name": "Werkzeug", "category": "frameworks", "tier": "rolling-24m", "source_total": 2, "active_source_total": 1, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 0, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "woocommerce", "display_name": "WooCommerce", "category": "ecommerce", "tier": "history-full", "source_total": 6, "active_source_total": 5, "retired_source_total": 1, "official_active": 2, "ecosystem_active": 3, "research_active": 0, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true }, { "system_id": "wordpress", "display_name": "WordPress", "category": "cms", "tier": "history-full", "source_total": 6, "active_source_total": 5, "retired_source_total": 1, "official_active": 1, "ecosystem_active": 3, "research_active": 1, "machine_readable_active": 1, "has_active_official": true, "has_machine_readable_source": true } ], "retired_sources": [ { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "source_name": "Adobe Security Bulletins", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.", "replacement_sources": [ "Adobe Magento Security Index", "NVD Adobe Commerce", "GHSA Adobe Commerce" ], "url": "https://helpx.adobe.com/security/products/magento.html" }, { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "source_name": "GHSA Adobe Commerce", "bucket": "ecosystem_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.", "replacement_sources": [ "Adobe Magento Security Index", "NVD Adobe Commerce" ], "url": "" }, { "system_id": "adobe-commerce", "display_name": "Adobe Commerce", "source_name": "Sansec Research", "bucket": "ecosystem_sources", "kind": "vendor-index", "retired_reason": "Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.", "replacement_sources": [ "GHSA Adobe Commerce", "Adobe Magento Security Index" ], "url": "https://sansec.io/research" }, { "system_id": "angular", "display_name": "Angular", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.", "replacement_sources": [ "OSV Angular" ], "url": "" }, { "system_id": "astro", "display_name": "Astro", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.", "replacement_sources": [ "OSV Astro" ], "url": "" }, { "system_id": "discourse", "display_name": "Discourse", "source_name": "Discourse Meta Security", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Meta security category HTML changed and no longer provides stable scrape semantics for health checks.", "replacement_sources": [ "Discourse Release Notes RSS", "GitHub Discourse Advisories" ], "url": "https://meta.discourse.org/c/bug/security/40" }, { "system_id": "discourse", "display_name": "Discourse", "source_name": "GitHub Discourse Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.", "replacement_sources": [ "Discourse Release Notes RSS", "Discourse Security RSS" ], "url": "" }, { "system_id": "django", "display_name": "Django", "source_name": "Django Security RSS", "bucket": "official_sources", "kind": "rss-feed", "retired_reason": "Official security tag feed became unstable; use official weblog index and release archive instead.", "replacement_sources": [ "Django Security Weblog", "Django Security Releases Archive" ], "url": "https://www.djangoproject.com/weblog/feeds/tags/security/" }, { "system_id": "drupal", "display_name": "Drupal", "source_name": "NVD Drupal", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.", "replacement_sources": [ "Drupal Security Advisories RSS", "OSV Drupal" ], "url": "" }, { "system_id": "esbuild", "display_name": "esbuild", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.", "replacement_sources": [ "OSV esbuild" ], "url": "" }, { "system_id": "esbuild", "display_name": "esbuild", "source_name": "NVD esbuild", "bucket": "ecosystem_sources", "kind": "nvd-search", "retired_reason": "OSV esbuild replaces NVD public search for lower-latency machine-readable collection.", "replacement_sources": [ "OSV esbuild" ], "url": "" }, { "system_id": "express", "display_name": "Express", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.", "replacement_sources": [ "OSV Express" ], "url": "" }, { "system_id": "express", "display_name": "Express", "source_name": "NVD Express.js", "bucket": "ecosystem_sources", "kind": "nvd-search", "retired_reason": "OSV Express replaces NVD public search for lower-latency machine-readable collection.", "replacement_sources": [ "OSV Express" ], "url": "" }, { "system_id": "fastify", "display_name": "Fastify", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.", "replacement_sources": [ "OSV Fastify" ], "url": "" }, { "system_id": "flask", "display_name": "Flask", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.", "replacement_sources": [ "OSV Flask" ], "url": "" }, { "system_id": "ghost", "display_name": "Ghost", "source_name": "NVD Ghost", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.", "replacement_sources": [ "Ghost GitHub Advisories", "OSV Ghost" ], "url": "" }, { "system_id": "hapi", "display_name": "Hapi", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.", "replacement_sources": [ "OSV Hapi" ], "url": "" }, { "system_id": "haproxy", "display_name": "HAProxy", "source_name": "HAProxy Security Advisories", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Legacy haproxy.org security page no longer yields stable scrape results for monitoring.", "replacement_sources": [ "HAProxy Blog Feed" ], "url": "https://www.haproxy.org/security/" }, { "system_id": "joomla", "display_name": "Joomla", "source_name": "NVD Joomla", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.", "replacement_sources": [ "Joomla Security Centre", "OSV Joomla" ], "url": "" }, { "system_id": "koa", "display_name": "Koa", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.", "replacement_sources": [ "OSV Koa" ], "url": "" }, { "system_id": "laravel", "display_name": "Laravel", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.", "replacement_sources": [ "OSV Laravel" ], "url": "" }, { "system_id": "mattermost", "display_name": "Mattermost", "source_name": "Mattermost Security Updates", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.", "replacement_sources": [ "NVD Mattermost" ], "url": "https://mattermost.com/security-updates/" }, { "system_id": "mattermost", "display_name": "Mattermost", "source_name": "NVD Mattermost", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.", "replacement_sources": [ "Mattermost Security Updates JSON", "OSV Mattermost" ], "url": "" }, { "system_id": "mediawiki", "display_name": "MediaWiki", "source_name": "MediaWiki Security Releases", "bucket": "official_sources", "kind": "html-links", "retired_reason": "MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.", "replacement_sources": [ "MediaWiki Announce RSS", "NVD MediaWiki" ], "url": "https://www.mediawiki.org/wiki/Security" }, { "system_id": "mediawiki", "display_name": "MediaWiki", "source_name": "NVD MediaWiki", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.", "replacement_sources": [ "MediaWiki Announce RSS", "OSV MediaWiki" ], "url": "" }, { "system_id": "moodle", "display_name": "Moodle", "source_name": "Moodle Security News", "bucket": "official_sources", "kind": "html-links", "retired_reason": "Security page is reachable with a browser-style UA, but the current markup only exposes generic \"Discuss this topic\" anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.", "replacement_sources": [ "NVD Moodle" ], "url": "https://moodle.org/security/" }, { "system_id": "moodle", "display_name": "Moodle", "source_name": "NVD Moodle", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.", "replacement_sources": [ "OSV Moodle" ], "url": "" }, { "system_id": "nestjs", "display_name": "NestJS", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.", "replacement_sources": [ "OSV NestJS" ], "url": "" }, { "system_id": "nestjs", "display_name": "NestJS", "source_name": "NVD NestJS", "bucket": "ecosystem_sources", "kind": "nvd-search", "retired_reason": "OSV NestJS replaces NVD public search for lower-latency machine-readable collection.", "replacement_sources": [ "OSV NestJS" ], "url": "" }, { "system_id": "nextjs", "display_name": "Next.js", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.", "replacement_sources": [ "GitHub Next.js Advisories", "OSV Next.js" ], "url": "" }, { "system_id": "nuxt", "display_name": "Nuxt", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.", "replacement_sources": [ "Nuxt Security", "OSV Nuxt" ], "url": "" }, { "system_id": "opencart", "display_name": "OpenCart", "source_name": "NVD OpenCart", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.", "replacement_sources": [ "OpenCart Releases", "OSV OpenCart" ], "url": "" }, { "system_id": "openmage", "display_name": "OpenMage / Mage-OS", "source_name": "NVD OpenMage", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV OpenMage replaces NVD for machine-readable composer-aligned collection.", "replacement_sources": [ "OpenMage GitHub Advisories", "OSV OpenMage" ], "url": "" }, { "system_id": "phpmyadmin", "display_name": "phpMyAdmin", "source_name": "NVD phpMyAdmin", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.", "replacement_sources": [ "phpMyAdmin Security Page", "OSV phpMyAdmin" ], "url": "" }, { "system_id": "prestashop", "display_name": "PrestaShop", "source_name": "NVD PrestaShop", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.", "replacement_sources": [ "PrestaShop Security Page", "GitHub PrestaShop Advisories", "OSV PrestaShop" ], "url": "" }, { "system_id": "rails", "display_name": "Ruby on Rails", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.", "replacement_sources": [ "OSV Rails" ], "url": "" }, { "system_id": "rails", "display_name": "Ruby on Rails", "source_name": "NVD Ruby on Rails", "bucket": "ecosystem_sources", "kind": "nvd-search", "retired_reason": "OSV Rails replaces NVD public search for lower-latency machine-readable collection.", "replacement_sources": [ "OSV Rails" ], "url": "" }, { "system_id": "react", "display_name": "React", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.", "replacement_sources": [ "GitHub React Advisories", "OSV React" ], "url": "" }, { "system_id": "redmine", "display_name": "Redmine", "source_name": "NVD Redmine", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.", "replacement_sources": [ "Redmine Security Advisories" ], "url": "" }, { "system_id": "saleor", "display_name": "Saleor", "source_name": "NVD Saleor", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.", "replacement_sources": [ "GitHub Saleor Advisories", "OSV Saleor" ], "url": "" }, { "system_id": "shopware", "display_name": "Shopware", "source_name": "NVD Shopware", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.", "replacement_sources": [ "Shopware Security Advisories", "OSV Shopware" ], "url": "" }, { "system_id": "spring-boot", "display_name": "Spring Boot", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Boot" ], "url": "" }, { "system_id": "spring-framework", "display_name": "Spring Framework", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Framework" ], "url": "" }, { "system_id": "spring-security", "display_name": "Spring Security", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Security" ], "url": "" }, { "system_id": "sveltekit", "display_name": "SvelteKit", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.", "replacement_sources": [ "OSV SvelteKit" ], "url": "" }, { "system_id": "symfony", "display_name": "Symfony", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.", "replacement_sources": [ "OSV Symfony" ], "url": "" }, { "system_id": "undici", "display_name": "Undici", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.", "replacement_sources": [ "OSV Undici" ], "url": "" }, { "system_id": "undici", "display_name": "Undici", "source_name": "NVD Undici", "bucket": "ecosystem_sources", "kind": "nvd-search", "retired_reason": "OSV Undici replaces NVD public search for lower-latency machine-readable collection.", "replacement_sources": [ "OSV Undici" ], "url": "" }, { "system_id": "vite", "display_name": "Vite", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.", "replacement_sources": [ "Vite Security", "OSV Vite" ], "url": "" }, { "system_id": "vue", "display_name": "Vue", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.", "replacement_sources": [ "Vue Security", "OSV Vue" ], "url": "" }, { "system_id": "webpack", "display_name": "webpack", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.", "replacement_sources": [ "OSV webpack" ], "url": "" }, { "system_id": "webpack", "display_name": "webpack", "source_name": "NVD webpack", "bucket": "ecosystem_sources", "kind": "nvd-search", "retired_reason": "OSV webpack replaces NVD public search for lower-latency machine-readable collection.", "replacement_sources": [ "OSV webpack" ], "url": "" }, { "system_id": "werkzeug", "display_name": "Werkzeug", "source_name": "GitHub Global Advisories", "bucket": "official_sources", "kind": "ghsa-global", "retired_reason": "Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.", "replacement_sources": [ "OSV Werkzeug" ], "url": "" }, { "system_id": "woocommerce", "display_name": "WooCommerce", "source_name": "NVD WooCommerce", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.", "replacement_sources": [ "Woo Developer Advisories", "GitHub WooCommerce Advisories", "OSV WooCommerce" ], "url": "" }, { "system_id": "wordpress", "display_name": "WordPress", "source_name": "NVD WordPress", "bucket": "official_sources", "kind": "nvd-search", "retired_reason": "WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.", "replacement_sources": [ "WordPress Security News RSS", "Wordfence Vulnerability Database", "WPScan Vulnerability Database" ], "url": "" } ], "replacement_map": [ { "system_id": "adobe-commerce", "retired_source": "Adobe Security Bulletins", "replacement_sources": [ "Adobe Magento Security Index", "NVD Adobe Commerce", "GHSA Adobe Commerce" ] }, { "system_id": "adobe-commerce", "retired_source": "GHSA Adobe Commerce", "replacement_sources": [ "Adobe Magento Security Index", "NVD Adobe Commerce" ] }, { "system_id": "adobe-commerce", "retired_source": "Sansec Research", "replacement_sources": [ "GHSA Adobe Commerce", "Adobe Magento Security Index" ] }, { "system_id": "angular", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Angular" ] }, { "system_id": "astro", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Astro" ] }, { "system_id": "discourse", "retired_source": "Discourse Meta Security", "replacement_sources": [ "Discourse Release Notes RSS", "GitHub Discourse Advisories" ] }, { "system_id": "discourse", "retired_source": "GitHub Discourse Advisories", "replacement_sources": [ "Discourse Release Notes RSS", "Discourse Security RSS" ] }, { "system_id": "django", "retired_source": "Django Security RSS", "replacement_sources": [ "Django Security Weblog", "Django Security Releases Archive" ] }, { "system_id": "drupal", "retired_source": "NVD Drupal", "replacement_sources": [ "Drupal Security Advisories RSS", "OSV Drupal" ] }, { "system_id": "esbuild", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV esbuild" ] }, { "system_id": "esbuild", "retired_source": "NVD esbuild", "replacement_sources": [ "OSV esbuild" ] }, { "system_id": "express", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Express" ] }, { "system_id": "express", "retired_source": "NVD Express.js", "replacement_sources": [ "OSV Express" ] }, { "system_id": "fastify", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Fastify" ] }, { "system_id": "flask", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Flask" ] }, { "system_id": "ghost", "retired_source": "NVD Ghost", "replacement_sources": [ "Ghost GitHub Advisories", "OSV Ghost" ] }, { "system_id": "hapi", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Hapi" ] }, { "system_id": "haproxy", "retired_source": "HAProxy Security Advisories", "replacement_sources": [ "HAProxy Blog Feed" ] }, { "system_id": "joomla", "retired_source": "NVD Joomla", "replacement_sources": [ "Joomla Security Centre", "OSV Joomla" ] }, { "system_id": "koa", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Koa" ] }, { "system_id": "laravel", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Laravel" ] }, { "system_id": "mattermost", "retired_source": "Mattermost Security Updates", "replacement_sources": [ "NVD Mattermost" ] }, { "system_id": "mattermost", "retired_source": "NVD Mattermost", "replacement_sources": [ "Mattermost Security Updates JSON", "OSV Mattermost" ] }, { "system_id": "mediawiki", "retired_source": "MediaWiki Security Releases", "replacement_sources": [ "MediaWiki Announce RSS", "NVD MediaWiki" ] }, { "system_id": "mediawiki", "retired_source": "NVD MediaWiki", "replacement_sources": [ "MediaWiki Announce RSS", "OSV MediaWiki" ] }, { "system_id": "moodle", "retired_source": "Moodle Security News", "replacement_sources": [ "NVD Moodle" ] }, { "system_id": "moodle", "retired_source": "NVD Moodle", "replacement_sources": [ "OSV Moodle" ] }, { "system_id": "nestjs", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV NestJS" ] }, { "system_id": "nestjs", "retired_source": "NVD NestJS", "replacement_sources": [ "OSV NestJS" ] }, { "system_id": "nextjs", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "GitHub Next.js Advisories", "OSV Next.js" ] }, { "system_id": "nuxt", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "Nuxt Security", "OSV Nuxt" ] }, { "system_id": "opencart", "retired_source": "NVD OpenCart", "replacement_sources": [ "OpenCart Releases", "OSV OpenCart" ] }, { "system_id": "openmage", "retired_source": "NVD OpenMage", "replacement_sources": [ "OpenMage GitHub Advisories", "OSV OpenMage" ] }, { "system_id": "phpmyadmin", "retired_source": "NVD phpMyAdmin", "replacement_sources": [ "phpMyAdmin Security Page", "OSV phpMyAdmin" ] }, { "system_id": "prestashop", "retired_source": "NVD PrestaShop", "replacement_sources": [ "PrestaShop Security Page", "GitHub PrestaShop Advisories", "OSV PrestaShop" ] }, { "system_id": "rails", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Rails" ] }, { "system_id": "rails", "retired_source": "NVD Ruby on Rails", "replacement_sources": [ "OSV Rails" ] }, { "system_id": "react", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "GitHub React Advisories", "OSV React" ] }, { "system_id": "redmine", "retired_source": "NVD Redmine", "replacement_sources": [ "Redmine Security Advisories" ] }, { "system_id": "saleor", "retired_source": "NVD Saleor", "replacement_sources": [ "GitHub Saleor Advisories", "OSV Saleor" ] }, { "system_id": "shopware", "retired_source": "NVD Shopware", "replacement_sources": [ "Shopware Security Advisories", "OSV Shopware" ] }, { "system_id": "spring-boot", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Boot" ] }, { "system_id": "spring-framework", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Framework" ] }, { "system_id": "spring-security", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "Spring Security Advisories", "OSV Spring Security" ] }, { "system_id": "sveltekit", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV SvelteKit" ] }, { "system_id": "symfony", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Symfony" ] }, { "system_id": "undici", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Undici" ] }, { "system_id": "undici", "retired_source": "NVD Undici", "replacement_sources": [ "OSV Undici" ] }, { "system_id": "vite", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "Vite Security", "OSV Vite" ] }, { "system_id": "vue", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "Vue Security", "OSV Vue" ] }, { "system_id": "webpack", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV webpack" ] }, { "system_id": "webpack", "retired_source": "NVD webpack", "replacement_sources": [ "OSV webpack" ] }, { "system_id": "werkzeug", "retired_source": "GitHub Global Advisories", "replacement_sources": [ "OSV Werkzeug" ] }, { "system_id": "woocommerce", "retired_source": "NVD WooCommerce", "replacement_sources": [ "Woo Developer Advisories", "GitHub WooCommerce Advisories", "OSV WooCommerce" ] }, { "system_id": "wordpress", "retired_source": "NVD WordPress", "replacement_sources": [ "WordPress Security News RSS", "Wordfence Vulnerability Database", "WPScan Vulnerability Database" ] } ] }