Today weβre releasing Vulnerability-Lookup 4.0.0, and this is a big one.
π Remote Instance Synchronization
This version is paving the way for federated deployments of Vulnerability-Lookup instances. You can now synchronize multiple Vulnerability-Lookup instances and share:
- π¬ Comments
- π¦ Bundles
- ποΈ Sightings
- π¨ KEV entries (GCVE BCP-07)
This introduces a true federated model for vulnerability intelligence sharing.
Full breakdown available here:
π https://www.vulnerability-lookup.org/2026/02/16/vulnerability-lookup-4-0-0/
Letβs take a look at all the notable changes.
π Remote Instance Synchronization β Whatβs Inside
This release introduces a complete sync engine designed for reliability, transparency, and operational control.
A local instance can now pull objects β including bundles, comments, sightings, and KEV entries β from configured remote Vulnerability-Lookup instances via their public APIs.
The synchronization engine includes:
- Remote instance management with per-object-type synchronization controls
- Timestamp-based update detection to keep data consistent
- Asynchronous scheduler with graceful shutdown support
- CLI command and systemd service template for automation
- Administrative controls to trigger synchronization manually
- Visual indicators in the interface to clearly identify synchronized objects
π Feeder Improvements
Expanded data ingestion:
- New RustSec OSV feeder
- New OSS-Fuzz feeder (with YAML support in OSV)
- More generic CSAF and OSV templates
This strengthens Vulnerability-Lookupβs position as a correlation hub across heterogeneous vulnerability sources.
π¨ UI Improvements
- Redesigned global dashboard layout for better visibility and structure.
More details:
π https://www.vulnerability-lookup.org/2026/02/16/vulnerability-lookup-4-0-0/
If you're running Vulnerability-Lookup and interested in interconnecting instances across organizations or teams β this release is for you.
π Project: https://www.vulnerability-lookup.org/ π¦ Code: https://github.com/vulnerability-lookup/vulnerability-lookup
Feedback, experiments, and federated setups welcome.
Feel free to create an account on the instance operated by CIRCL (Computer Incident Response Center Luxembourg):
https://vulnerability.circl.lu/
πΆπͺπΊ Funding
Vulnerability-Lookup is co-funded by CIRCL (Computer Incident Response Center Luxembourg) and by the European Union via the hashtag hashtag#NGSOTI project. More information on the page from Restena Foundation: https://www.restena.lu/en/project/ngsoti
#VulnerabilityManagement #CVE #KEV #GCVE #CVD #CyberSecurity #Federation
2
Vulnerability-Lookup 4.0.0 is out β Federation is here
(www.vulnerability-lookup.org)
there doesn't seem to be anything here
this post was submitted on 16 Feb 2026
2 points (100.0% liked)
cybersecurity
5390 readers
36 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 2 years ago
MODERATORS