VulGD: A LLM-Powered Dynamic Open-Access Vulnerability Graph Database

TL;DR

VulGD is a real-time, accessible vulnerability graph database that integrates LLM embeddings to improve cybersecurity risk assessment and is publicly available for research and practical use.

Contribution

It introduces a dynamic, open-access vulnerability graph database that combines multi-source data aggregation with LLM-based enrichment for enhanced analysis.

Findings

Provides real-time updates from authoritative sources.

Enables interactive exploration via web interface and API.

Utilizes LLM embeddings for better vulnerability representation.

Abstract

Software vulnerabilities continue to pose significant threats to modern information systems, requiring a timely and accurate risk assessment. Public repositories, such as the National Vulnerability Database and CVE details, are regularly updated, but predominantly utilize relational data models that lack native support for representing complex, interconnected structures. To address this, recent research has proposed graph-based vulnerability models. However, these systems often require complex setup procedures, lack real-time multi-source integration, and offer limited accessibility for direct data retrieval and analysis. We present VulGD, a dynamic open-access vulnerability graph database that continuously aggregates cybersecurity data from authoritative repositories. Designed for both expert and non-expert users, VulGD provides a unified web interface and a public API for interactive graph exploration and automated data access. Additionally, VulGD integrates embeddings from large language models (LLMs) to enrich vulnerability description representations, facilitating more accurate vulnerability risk assessment and threat prioritization. VulGD represents a practical and extensible platform for cybersecurity research and decision-making. The live system is publicly accessible at http://34.129.186.158/.