Security feeds
Free · no account · no tracking · 613 products in scope
Subscribe to IsItPatched in your feed reader, Slack/Teams channel, automation tool or SIEM. The feeds are deliberately high-signal — what's being exploited, what's reaching end of life, and a weekly summary — so your channel stays useful, not noisy.
Actively exploited CVEs
RSSThe newest vulnerabilities added to CISA's Known Exploited Vulnerabilities (KEV) catalog that affect software we track — severity, weakness type, EPSS and ransomware flags included. 1046 CVEs currently in scope.
Ransomware-linked vulnerabilities
RSSThe highest-signal slice: vulnerabilities CISA links to ransomware campaigns. The ones to patch first.
Per-product feed
RSSSecurity alerts for just the software you run — newly-exploited CVEs and end-of-life events for one product. One feed per tracked product: swap "nginx" for any product (613 available). Each product page also auto-advertises its own feed.
Emerging — news linked to your stack (BETA)
RSSTrusted security reporting (first-party vendor advisories, research & CISA) machine-linked to the software we track. Each item is attributed and links to its source — never asserted as our own finding.
Recently patched
RSSThe good news: tracked software that just shipped a new supported release — newest first, with the safe version to move to. The positive counterpart to the exploited feed.
End of life ("RIP")
RSSRelease lines that have just reached end of life and stopped receiving security updates — so you catch a sunset the day it happens, not months later.
End-of-life — 30-day warning
RSSPlan-ahead heads-up: release lines reaching end of life within the next 30 days. Each posts ~30 days before the date, so you upgrade before security updates stop — not on the day.
Weekly security digest
RSSOne roll-up per week: how many CVEs were newly exploited, how many releases reached end of life, and new criticals across the tracked stack.
Newly tracked software
RSSSoftware newly added to IsItPatched — each with a health score, exploited-CVE tracking, the minimum safe version and end-of-life dates. Follow to know the moment we start covering a product you run (613 tracked and growing).
New-KEV (today)
JSONFor developers/automation: a JSON array of today's new-KEV vulnerabilities ∩ tracked products, enriched with vendor, product, slug and minimum safe version. Built for Make/Zapier/CI, not feed readers.
How to subscribe
- Feed reader (Feedly, Inoreader, NetNewsWire) — paste any RSS URL above. Most pages here also auto-advertise the feeds, so your reader will offer them automatically.
- Slack —
/feed subscribe https://isitpatched.com/feed/exploited.xmlin the channel you want alerts in. - Microsoft Teams — add the RSS connector to a channel and paste the feed URL.
- Make / Zapier / dlvr.it — use a "Watch RSS feed items" trigger (or HTTP GET the JSON endpoint) to route alerts anywhere.
- SIEM / SOAR — ingest the RSS or poll the
/api/feed/new-kevJSON for same-day KEV affecting your stack.
Frequently asked
Are the IsItPatched feeds free?
Yes — all feeds are free, public, and require no account or API key. Subscribe in any RSS reader or automation tool.
How often do the feeds update?
The data syncs roughly three times a day, so the RSS feeds refresh on that cadence. The weekly digest publishes a new item every Monday.
Can I post these to Slack or Microsoft Teams?
Yes. Slack has a built-in /feed subscribe command and Teams has an RSS connector — paste the feed URL and you get the alerts in a channel. They also work with Make, Zapier, dlvr.it and any SIEM that ingests RSS.
Is there a feed of all CVEs?
No — the feeds are deliberately high-signal: actively-exploited (KEV) vulnerabilities, end-of-life events, and a weekly summary. That keeps your channel useful rather than noisy.
We track 613 products and add more by request. Suggest a tool and once it's added, its per-product feed appears automatically — nothing else to do.
Suggest software to track →