With the big Microsoft patch day this June, I set out to add simple support for it on our site. Then I saw how many people were searching for KB numbers, CVE details, and the one question hiding behind both of them: is this actually being exploited, and do I have to move now? So I built something bigger than a single page. It is a set of free trackers that pull the authoritative sources together and rank by real risk.
The rules I set for myself
Before writing a line of it, I set a few ground rules. No login. No payment. Updated multiple times a day. And everything exportable to CSV and JSON, with RSS and JSON feeds so you can wire it into your own tooling. I found every free, authoritative source I could and pulled them together, giving each of them the credit they deserve.
The point was to be useful on its own, not a gate in front of a sign-up form. You should be able to land on it, get your answer, and leave, or subscribe to a feed and never come back to the page at all.
What is in the tracker set
Each tracker answers a different version of "what do I patch, and when."
- Exploited CVEs (non-Microsoft): every flaw in CISA's Known Exploited Vulnerabilities catalog, ranked by FIRST.org EPSS, with ransomware flags, CISA due dates, and the vendor fix for each.
- Microsoft Patch Tracker: Patch Tuesday releases ranked by real risk, not just CVSS.
- Exploited This Week: the newest CISA KEV additions, grouped by vendor.
- End-of-Life Products: what is past support and when, so you can plan replacements before they become the gap.
- CVE and Vulnerability Management: searchable across 12,000+ CVEs and Microsoft KBs, each with its own detail page.
- By vendor: exploited-CVE history for Cisco, Citrix, Fortinet, Ivanti, Palo Alto, VMware, and more.
- All of the trackers in one place, and the JSON and RSS feeds, no login required.
Full non-Microsoft CISA KEV coverage, one page per CVE
Every actively exploited third-party CVE has its own permanent reference page. That page carries the EPSS score, the CISA due date and required action, whether it is tied to ransomware, the vendor advisory that fixes it, and the other exploited CVEs from the same vendor. So instead of pasting a raw NVD URL into a ticket, you can drop a clean link that already has the triage context attached. It is the entity-page model applied to the KEV catalog: one indexable, linkable page for every exploited vulnerability.
A Senserva AI read and a copy-paste AI prompt on every tracker
Two things make the trackers more than a static list. First, each page carries a short plain-language risk read: what changed, what is worth your attention, written from that day's live data, not invented. Second, each page has a ready-to-paste AI prompt built from the same live data, so you can drop the current exploited-CVE set into Claude, ChatGPT, or Copilot and triage it in your own words. No account, nothing to install. See Claude and the Senserva MCP if you want to go further and query your own environment.
Where the data comes from
The trackers pull from CISA KEV, NVD, FIRST.org EPSS, and Microsoft MSRC, cross-referenced with VulnCheck KEV and the ENISA EUVD. Every source is credited on the feeds and API page. The trackers do not replace those sources; they stitch them together and rank the result so you are not tab-hopping between five catalogs at eight in the morning.
Where this comes from
This work is not a bolt-on. I built HfNetChk, which became the foundation for Microsoft's Baseline Security Analyzer, and then Shavlik Technologies, which helped invent automated patch management as an industry before it was acquired. Ranking vulnerabilities by what is actually being exploited, and tying each one back to the update that fixes it, is the problem I have spent a career on. These trackers are that instinct made public and free. More on the Shavlik patch heritage.
Try it, and tell me what is missing
Everything above is live right now, free, with no sign-in. I would rather it be genuinely useful than a landing page, so if there is a source you want added, a column you wish it had, or a feed shape that would fit your tooling better, I want to hear it.
Open the full set of trackers, grab the JSON and RSS feeds, or run Senserva against a free demo tenant.