CVE Details#
Click a vulnerability in the first pane to display its details in the second pane.

Description Tab#
The Description tab shows detailed information about the vulnerability.

The following items are displayed in the vulnerability details:
| Item | Details |
|---|---|
| Summary | Displays descriptions and scores from vulnerability databases such as NVD, JVN, Red Hat, Microsoft, and EUVD. |
| LLM Summary | Displays a vulnerability summary generated by an LLM (Large Language Model) (available since July 14, 2025). For details, see LLM Vulnerability Summary. |
| CVSS | Displays detailed CVSS (v2 / v3 / v4) base metrics derived from CVSS vectors in vulnerability databases such as NVD and OVAL. |
| CVE Priority | Allows you to manually set the priority for individual vulnerabilities. However, priorities set by a Special Alert Tag cannot be overridden. |
| EPSS | Displays the EPSS score, percentile, and a link to "CVEdetails". |
| Security Alert | If alert information from CISA KEV, VulnCheck KEV, ENISA KEV, JPCERT/CC-Alerts, or CISA-Alerts is found, a link is displayed. |
| Exploit Code | If exploit code is found, a link and description are displayed. |
| Mitigation | Displays links related to mitigating the vulnerability risk through configuration changes. |
| CWE | Displays the CWE related to the vulnerability. |
| Linux Distribution Support Page | Displays the official vulnerability information page published by each distribution. |
| Primary Source | Displays the support page URL for each vendor. |
| Reference | Displays references related to the vulnerability. |
Recalculate CVSS Score#
Click "Recalculate CVSS Score" below the CVSS section to open the recalculation page. The score calculated using Temporal metrics and the score calculated using both Temporal and Environmental metrics are displayed.

Additionally, for vulnerabilities where exploit code is publicly available, a hint is displayed in a red box on the exploitability metric in the "Temporal Metrics" section.

EPSS#
EPSS consists of a Score and a Percentile. The meaning of each value is as follows:
| Item | Details |
|---|---|
| Score | Represents the probability that the vulnerability will be exploited in the next 30 days. A higher value indicates a higher probability of exploitation and a greater threat. |
| Percentile | Represents the percentage of vulnerabilities with an EPSS score lower than that of the given vulnerability. A higher value means the vulnerability has a higher threat level compared to others. |
For more information about EPSS concepts and score distribution, please refer to "Glossary".
Handling EPSS
EPSS is an indicator that quantifies the threat level of a vulnerability, and it does not represent the risk posed by the vulnerability. (This is similar to how the CVSS Base Score only represents the severity of a vulnerability, not the actual risk.)
Even if the EPSS score is high, the impact may not be severe, or it may not adversely affect your organization.
LLM Vulnerability Summary#
New Feature (from July 14, 2025)
LLM-generated (Large Language Model) vulnerability summaries are now available.
The vulnerability details screen displays an LLM-generated summary. Two types of summaries are generated:
1. Vulnerability Summary#
The summary is created from data collected by FutureVuls, such as:
- Overviews published by NVD and various vendors
- Values such as CVSS, CWE, and EPSS
The "Vulnerability Summary" is typically generated for all CVEs.

2. Threat Information Summary#
This summarizes known exploitation activity and countermeasures for a CVE.
The "Threat Information Summary" is created only for CVEs that have been confirmed to be actively exploited. Specifically, it covers CVEs where the SSVC "Exploitation" decision point is set to Active.

This feature makes it easier for non-security experts to understand the nature and severity of vulnerabilities.
The LLM summary is provided for reference purposes only. Please be sure to base your remediation decisions on primary sources and official vulnerability information.
Summary Feedback Feature#
To improve the quality of LLM-generated summaries, users can rate each summary.
- "Good" and "Bad" feedback buttons are displayed at the bottom of each summary.
- Your feedback will be used to improve the quality of generated summaries in the future.
- Feedback is optional and can be skipped.
Topics#
In FutureVuls, you can create topics for each vulnerability to share investigation results and comments within your group and organization.
For more details, please see "Information Sharing and Alerts via Topics".
Tasks × Servers#
Tasks and servers related to the selected vulnerability are displayed.
Only Open or Ongoing tasks are displayed; resolved or hidden tasks are not shown.
High-risk Software#
A list of servers where the affected software is installed is displayed. For details on the list, please see "Software List".