Ingestion Pipeline
Learn how ZeroDayDB ingests, normalizes, and publishes vulnerability data from the sources it supports today.
Scheduled Collection
Source adapters revisit upstream feeds throughout the day so the database stays current without manual refreshes.
Fast Processing
Fresh records are normalized, deduplicated, and queued for enrichment before they appear in the product.
Current Sources
We currently ingest NVD, OSV, GitHub Security Advisories, CVE.org, and Exploit-DB.
Data Validation
Every record goes through validation, deduplication, and quality checks before it is published.
Pipeline Architecture
Source Collection
Source adapters pull from APIs, git-backed feeds, and bulk exports. Each adapter manages cursors, pagination, and source-specific rate limits.
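As a minimal sketch of how an adapter walks a paginated feed while tracking a cursor and a per-request rate limit (the feed shape, `collect` helper, and page keys here are illustrative, not ZeroDayDB's actual adapter API):

```python
import time

# Hypothetical in-memory "feed": pages of records keyed by cursor.
# A real adapter would call the upstream HTTP API instead.
FEED_PAGES = {
    None: {"records": [{"id": "CVE-2024-0001"}, {"id": "CVE-2024-0002"}], "next": "p2"},
    "p2": {"records": [{"id": "CVE-2024-0003"}], "next": None},
}

def collect(cursor=None, min_interval=0.0):
    """Walk the feed page by page; the delay between requests stands in
    for a source-specific rate limit."""
    records = []
    while True:
        page = FEED_PAGES[cursor]
        records.extend(page["records"])
        cursor = page["next"]        # persisting this cursor lets a later run resume
        if cursor is None:
            return records, cursor
        time.sleep(min_interval)     # rate limit between requests
```

Persisting the cursor after each page is what lets a revisit pick up only records published since the last run.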
Normalization
Raw records are mapped into a shared schema so identifiers, timestamps, severities, and package metadata can be compared consistently.
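A sketch of that mapping step, assuming two simplified raw shapes loosely modeled on OSV and NVD records (the field names and the shared schema below are illustrative, not ZeroDayDB's real schema):

```python
def normalize(source, raw):
    """Map a source-specific record into one shared shape so downstream
    stages can compare identifiers, severities, and packages uniformly."""
    if source == "osv":
        return {
            "id": raw["id"],
            "severity": raw.get("severity"),
            "published": raw["published"],
            "packages": [p["name"] for p in raw.get("affected", [])],
        }
    if source == "nvd":
        return {
            "id": raw["cve"]["id"],
            "severity": raw["cve"].get("baseSeverity"),
            "published": raw["cve"]["published"],
            "packages": [],  # NVD-style records carry CPEs rather than package names
        }
    raise ValueError(f"unknown source: {source}")
```

Once every source lands in the same shape, deduplication and enrichment can treat records uniformly regardless of origin.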
Enrichment
Records gain additional references, package ranges, severity context, proof-of-concept links, and related writeups when that evidence is available.
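Conceptually, enrichment is a join against side indexes built from other evidence. A minimal sketch, assuming a hypothetical proof-of-concept lookup table (`EXPLOIT_INDEX` and `enrich` are illustrative names):

```python
# Hypothetical index mapping identifiers to proof-of-concept links,
# built from a source such as an exploit feed.
EXPLOIT_INDEX = {"CVE-2024-0001": ["https://example.com/poc"]}

def enrich(record):
    """Attach evidence from side indexes when it exists; records with
    no matching evidence pass through with an empty list."""
    record = dict(record)  # copy so the original stays unmodified
    record["poc_links"] = EXPLOIT_INDEX.get(record["id"], [])
    return record
```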
Deduplication
Overlapping disclosures are merged by identifiers, affected packages, and source evidence so the same issue does not appear as multiple unrelated records.
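The simplest form of that merge keys records on a shared identifier and unions their evidence. A sketch under that assumption (real merging would also compare affected packages and cross-source aliases):

```python
def dedupe(records):
    """Merge records that share an identifier, keeping the union of
    their references so no evidence is lost in the merge."""
    merged = {}
    for rec in records:
        key = rec["id"]
        if key in merged:
            merged[key]["references"] = sorted(
                set(merged[key]["references"]) | set(rec["references"])
            )
        else:
            merged[key] = {"id": key, "references": list(rec["references"])}
    return list(merged.values())
```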
Validation & Quality Control
Automated checks verify required fields, guard against malformed payloads, and flag suspicious data for review.
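A minimal sketch of such a check, assuming an illustrative set of required fields and identifier prefixes (not ZeroDayDB's actual rules):

```python
REQUIRED_FIELDS = ("id", "published", "summary")

def validate(record):
    """Return a list of problems; an empty list means the record
    passes and can move on to publication."""
    problems = [f"missing field: {f}" for f in REQUIRED_FIELDS if not record.get(f)]
    # Flag identifiers that match no known scheme for human review.
    if record.get("id") and not record["id"].startswith(("CVE-", "GHSA-")):
        problems.append(f"unrecognized identifier: {record['id']}")
    return problems
```

Returning a problem list rather than raising on the first failure lets the pipeline log every issue with a record at once and route it to review.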
Publication
Validated vulnerabilities are written to the database, indexed for search, and exposed through the web app, API, CLI, and MCP server.
See the Published Output
The fastest way to evaluate the pipeline is to inspect the records it has already published. Recent disclosures reflect the same ingestion and enrichment flow described above.
Browse Recent Vulnerabilities