// CYBERHAWK WEEKLY

The CVE digest for AI builders, vibe coders, and OSS maintainers.

CISA KEV + NVD high/critical, sifted every Friday and tagged for the stack you actually ship. Every CVE links out to the source, the news, and a one-paste audit for your repo.

RSS ↓ Audit your stack Scheduled audits field guide

// THE FEED

Loading feed…

Audit your stack

One-paste recipe for Claude / Cursor / ChatGPT. Uses osv.dev directly — nothing depends on us.

Show the recipe

List every dependency manifest in this repo (package.json, requirements.txt, go.mod, Cargo.toml, pom.xml, Gemfile, composer.json — whichever apply). For each declared package and version, query osv.dev for known vulnerabilities. For every match, show the CVE id, severity, the affected version range, and the fixed version. Draft the version bump and either open a PR (if you have repo write access) or summarize the diff in a comment. If nothing matches, reply: "Clean run — no advisories matched."

→ Run it on a schedule (field guide)