Prioritize 5,000+ vulnerabilities in seconds using CISA KEV, FIRST EPSS, and CVSS — without uploading your data.
$ pip install vulnpilot
CVSS scores alone do not tell you what is actively being exploited right now. VulnPilot combines three signals to give you a definitive remediation order.
| Traditional workflow | VulnPilot |
|---|---|
| ✗ Sort thousands of CVEs manually | ✓ Prioritized automatically in seconds |
| ✗ CVSS score only | ✓ KEV + EPSS + CVSS composite |
| ✗ Hours of analysis per scan cycle | ✓ Results in seconds |
| ✗ Upload to cloud services | ✓ Runs entirely on your machine |
| ✗ Enterprise-only platforms | ✓ Free and open source |
VulnPilot cross-references your Nessus scan output against three public data sources — all processed locally. No vulnerability data is transmitted outside your environment.
```
   Public Threat Intelligence
+-------------------------------+
|   CISA KEV       FIRST EPSS   |
+---------------+---------------+
                |
     vulnpilot update-feeds
                |
~/.vulnpilot/feeds/ (local cache)
                |
        vulnpilot analyze
                |
 Nessus CSV (Local Machine Only)
                |
      Composite Risk Engine
                |
      Prioritized Findings
```
Powered by public threat intelligence from
The composite score is intentionally opinionated and fully transparent. Known exploited vulnerabilities receive the greatest weight because active exploitation is a stronger predictor of remediation priority than severity alone.
| Signal | Weight | Source |
|---|---|---|
| CISA KEV match | 40% | Known exploited in the wild |
| FIRST EPSS score | 35% | Exploitation probability |
| CVSS base score | 15% | Severity context |
| Scanner risk rating | 10% | Nessus severity label |
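The weighting in the table above, applied to a small constructed scan export. This is an added example, not VulnPilot's own code: the normalisation of each signal to 0..1, the severity-label mapping, the CSV column names and the placeholder CVE ids are all assumptions.

```python
import csv
import io

# Weights from the table above; scaling each signal to 0..1 is an assumption.
WEIGHTS = {"kev": 0.40, "epss": 0.35, "cvss": 0.15, "scanner": 0.10}
# Assumed mapping of the Nessus severity label to 0..1.
RISK_LABEL = {"None": 0.0, "Low": 0.25, "Medium": 0.5, "High": 0.75, "Critical": 1.0}

# Constructed sample data: placeholder CVE ids, not real vulnerabilities.
KEV = {"CVE-0000-0002"}
EPSS = {"CVE-0000-0001": 0.02, "CVE-0000-0002": 0.91, "CVE-0000-0003": 0.40}
NESSUS_CSV = """Plugin ID,CVE,CVSS v3.0 Base Score,Risk,Host,Name
10001,CVE-0000-0001,9.8,Critical,10.0.0.5,Constructed finding A
10002,CVE-0000-0002,7.5,High,10.0.0.6,Constructed finding B
10003,CVE-0000-0003,5.0,Medium,10.0.0.7,Constructed finding C
10004,,,None,10.0.0.7,Informational plugin without a CVE
"""

def composite(cve, cvss, risk, kev=KEV, epss=EPSS):
    """Weighted 0..100 score; a missing signal contributes 0 instead of failing."""
    signals = {
        "kev": 1.0 if cve in kev else 0.0,
        "epss": epss.get(cve, 0.0),
        "cvss": min(max(cvss, 0.0), 10.0) / 10.0,
        "scanner": RISK_LABEL.get(risk, 0.0),
    }
    return round(100 * sum(WEIGHTS[k] * v for k, v in signals.items()), 1)

def prioritize(csv_text):
    """Return (score, cve, host) tuples, highest composite score first."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        cve = row["CVE"].strip()
        if not cve:
            continue  # rows without a CVE cannot be matched against KEV or EPSS
        cvss = float(row["CVSS v3.0 Base Score"] or 0)
        findings.append((composite(cve, cvss, row["Risk"]), cve, row["Host"]))
    return sorted(findings, reverse=True)

if __name__ == "__main__":
    for score, cve, host in prioritize(NESSUS_CSV):
        print(f"{score:5.1f}  {cve}  {host}")
```

With these sample values the KEV-listed CVSS 7.5 finding ranks first and the CVSS 9.8 finding with a low EPSS score ranks last, which is the reordering a CVSS-only sort would miss.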
VulnPilot provides prioritization guidance to assist remediation workflows. Final decisions should always consider asset criticality, business context, and organizational risk tolerance.
Development priorities are driven by community feedback and real-world usage.
Install with pip. Requires Python 3.10, 3.11, or 3.12. Three steps.
Run vulnpilot update-feeds once to cache the feeds locally. After that, analysis works completely offline. Run vulnpilot update-feeds again to pull the latest data anytime.