Data Sources

Vioro integrates with external data sources to provide vulnerability intelligence and security monitoring. This page documents those sources and their terms of use.

National Vulnerability Database (NVD)

Vioro uses the NVD API to retrieve vulnerability data (CVE records) for matching against detected software on monitored domains.

This product uses the NVD API but is not endorsed or certified by the NVD.

CVE® is a registered trademark of The MITRE Corporation. NVD data is provided by the National Institute of Standards and Technology (NIST).

How we use NVD data

• We periodically synchronize CVE records from the NVD API for software products relevant to our monitoring scope (e.g. WordPress, Joomla, Drupal and their ecosystem).
• Detected CMS versions on your domains are matched against known CVE version ranges to surface applicable vulnerabilities.
• Vulnerability severity ratings (CVSS scores) displayed in the Vioro dashboard originate from NVD data.

Data freshness

NVD data is synchronized incrementally. There may be a short delay between a CVE being published in the NVD and appearing in your Vioro dashboard.

Last updated: 2026-05-03