Changelog

unified API key system

Single key system across the platform. Keys are now created from the dashboard and work immediately with the API. SHA256 hashed storage, rdi_ prefix, shown once on creation.

rate limiting

Per-minute burst, daily, and monthly rate limits enforced via Redis. Rate limit headers (X-RateLimit-*) included in every API response. Limits tied to your subscription plan.

email verification

Email verification required before creating API keys. Prevents abuse and ensures account security.

passkey support

Passwordless sign-in with WebAuthn passkeys. Register from your dashboard, sign in with biometrics or security keys.

AI-generated detection rules

Automatic Nuclei template generation for CVEs with public exploits. Templates are generated, validated, and scored before publishing.

pre-NVD detection

CVEs with proof-of-concept code but no NVD entry are now tracked and flagged. Get intelligence before official disclosure.

code search integration

Exploit discovery enhanced with code search across public repositories. Finds exploit code that GitHub search misses.

MCP server

Native Model Context Protocol server with 11 tools. AI agents can lookup CVEs, pull daily threat briefings, get detection rules, and search by vendor without integration code.

threat scoring

Composite threat scores combining exploit maturity, active exploitation, EPSS probability, and real-world activity signals into a single 0-100 score.

news aggregation

Security news feed with automated quality scoring and CVE correlation. Surfaces articles about actively exploited vulnerabilities.