Dashboard View

The Vulnerabilities tab in the dashboard transforms raw scan results into an actionable triage interface - grouping findings by package and severity, surfacing exploitation intelligence, and letting your team focus on the vulnerabilities that pose genuine risk.

Summary metrics

At the top of the tab, a severity distribution bar gives an at-a-glance breakdown of all findings:

Severity distribution

A color-coded progress bar showing the proportion of Critical, High, Medium, and Low vulnerabilities across all dependencies.

Total vulnerabilities

The overall count of findings, with per-severity breakdowns available on hover.

Active exploitation flag

A prominent badge when any finding appears in the known-exploited catalog, linking directly to those entries.

Packages affected

How many distinct dependencies carry at least one known vulnerability.

Vulnerability cards

Findings are grouped into collapsible cards by package name and severity. Each card surfaces the information needed for a triage decision:

CVE identifiers

Standard identifiers for each vulnerability, with direct links to the NVD and OSV advisory pages.

CVSS score and vector

The severity rating on the 0-10 scale. Hovering reveals the full CVSS vector string explaining how the score was calculated.

Exploitation probability

The EPSS score (0-1) with its percentile ranking, shown as a visual progress bar. Higher scores indicate a greater likelihood of exploitation within the next 30 days.

Known exploitation

A badge indicating whether the vulnerability is confirmed as actively exploited in the wild, sourced from a government-maintained catalog updated daily.

Fixed version

The earliest version that resolves the vulnerability, when one is available. Helps teams plan the minimum upgrade required.

Affected version range

The installed version and the full range of affected versions, showing exactly where your dependency falls.

Expanding a card reveals the full vulnerability summary and a link to the original advisory, giving engineers the context they need without leaving the dashboard.

Filtering and sorting

The tab supports real-time text search across CVE identifiers, package names, and vulnerability summaries. Dedicated filters let you narrow the view by severity level or toggle to show only actively exploited vulnerabilities.

Results can be sorted by severity, CVSS score, or exploitation probability - making it easy to surface the highest-risk findings first, regardless of how many total vulnerabilities are present.