Yes. The free tier includes the full CVE feed (50/day), NullScore™ ranking, CISA KEV flagging, and tech stack filtering for up to 3 components. No credit card required, no time limit.
How accurate is the NullScore™? ▾
NullScore™ is a composite of five publicly available signals: CVSS severity (35%), EPSS exploitation probability (25%), CISA KEV status (20%), public PoC availability (15%), and stack match bonus (5%). The methodology is published and versioned. It's a prioritization tool, always verify critical findings with official vendor advisories.
How often is the data updated? ▾
The pipeline runs daily. CISA KEV updates are typically reflected within 1 hour of publication. NVD data is refreshed every 24 hours. EPSS scores are updated by First.org daily and we sync them on the same schedule.
Do you store my tech stack data? ▾
Your stack configuration is stored to power your personalized feed. We never sell it, share it with third parties, or use it to train models. You can delete your data at any time. See our Privacy Policy for full details.
Is there an API I can use? ▾
Yes. Full REST API access is available on the Pro plan ($29/month). The API returns NullScore-ranked CVEs filterable by severity, KEV status, PoC availability, EPSS threshold, and stack. Documentation is available at docs.nullcve.io.
Can I get a demo for my team? ▾
Absolutely. Email [email protected] and we'll set up a walkthrough. Enterprise plans include custom compliance frameworks, SSO, RBAC, and a dedicated support channel.
Send us a message
We typically respond within 24 hours.
Your name
Email address
Subject
Message
By submitting you agree to our Privacy Policy. No spam, ever.
✅
Message sent!
Thanks for reaching out. We'll get back to you at the email you provided within 24 hours.