Browse documentation
Viewing vulnerabilities by package
โฉ Vulnerabilities
The Vulnerabilities page is your org-wide view of open findings, correlated from reported software inventory against the NVD mirror. This article covers reading and filtering it.
The summary
At the top, four cards show open-finding counts by severity โ Critical, High, Medium, Low โ and a line summarises open findings ยท distinct CVEs ยท hosts affected. Panels highlight the most widespread CVEs and the most exposed hosts. Select a severity card to filter to it.
Grouped vs Flat
A toggle switches how findings are listed:
- Grouped (default) โ one collapsible row per affected package. The header shows the worst severity, the product name, a breakdown (e.g. 1 Critical, 2 High), the number of hosts affected, and the total CVE count. Expand a package to see each CVE, its CVSS score, the affected host, and the installed version.
- Flat โ one row per individual finding, with columns for Severity, CVE, Confidence, CVSS, Host, Product, Version, and First seen.
Grouped is best for "which software is exposing us"; Flat is best for scanning every finding.
Filtering
- Search across CVE ID, product name, and hostname.
- Filter by severity.
- CVE IDs link out to the full entry on the NVD website; hosts link to their detail page.
Acting on findings
- Scan vulnerabilities (top-right) re-correlates inventory on demand.
- Create tasks for all turns the currently filtered findings into remediation tasks in one action (priorities and due dates are set from severity).
- Individual findings can be turned into a single task or suppressed โ see Investigating a CVE.
Suppression rules
Durable suppression rules hide matching findings you've accepted or judged false positives. They appear in a panel at the bottom showing each rule's CVE and/or product, scope (a specific host or all hosts), and reason. Removing a rule restores the findings it hid.
Suppressing is durable โ the finding stays hidden until you remove the rule. This is different from a one-off dismiss, which can reappear on the next scan.
Notes & tips
- Severity here uses Critical / High / Medium / Low (with None/Unknown for unscored CVEs).
- Start with the Grouped view and the Critical card to triage the highest-impact software first.