About
How this hub works and what it tracks
What It Monitors
CISA Known Exploited Vulnerabilities
CISA’s authoritative catalog of vulnerabilities confirmed to be exploited in the wild, filtered to Rockwell Automation entries. Every new KEV addition triggers an immediate Slack alert.
JSON Feed · DailyView Source →
CISA ICS Advisories
Industrial Control System security advisories published by CISA, collected via CSAF JSON files on GitHub. Covers the last 24 months of advisories mentioning Rockwell Automation.
CSAF / GitHub · As publishedView Source →
NVD CVE Database
The National Vulnerability Database CVE API, searched for “Rockwell Automation”. Includes CVSS scores, affected products from CPE data, and reference links.
REST API · Every 6 hoursView Source →
Rockwell Automation Advisories
Security advisories published directly by Rockwell Automation on their Trust Center. Covers advisories from the last 24 months, including CVSS scores, affected products, CVE IDs, and KEV status.
HTML Scrape · Every 6 hoursView Source →
Security News
Recent news articles about Rockwell Automation vulnerabilities, CVEs, and exploits via Google News RSS. CVE IDs are extracted automatically from headlines and summaries.
RSS Feed · ContinuousView Source →
Severity Levels
Data & Freshness
Collection schedule:
Every 6 hours via cron. The full pipeline runs collector.py → generate_site.py,
fetching from all four sources, deduplicating against the local SQLite database, and rebuilding the entire static site.
Storage: All findings are stored in a local SQLite database. The site itself is fully static HTML — no server-side logic at request time.
Pages: Latest shows the most recent findings (72h, falling back to 30 days if quiet). Feed shows all findings with full filtering. Archive shows all findings from 2025 onward, grouped by month. An RSS feed is available at rss.xml.