Vulnotes LogoVulnotes

Appearance

Creating Vulnerabilities

Creating Vulnerabilities

When you create a new vulnerability, you first select which vulnerability template it should belong to. This determines the fields available for editing.

Then fill in the fields. Here is what a typical vulnerability looks like in the editor:

Edit vulnerability

The fields shown depend on your vulnerability template. In this example, the "Active directory" template provides a title, description, CVSS v3.1 calculator, and other fields defined in the template.

CVSS scoring

If your vulnerability template includes a CVSS field, you get an interactive calculator directly in the form. Select the values for each metric (Attack Vector, Attack Complexity, Privileges Required, etc.) and the score is calculated automatically.

Vulnotes supports both CVSS v3.1 and CVSS v4.0 and custom scoring allowing you to create a calculator matching you exact needs.

The score badge updates in real time as you adjust metrics, showing both the numeric score and the severity label (Critical, High, Medium, Low).

AI generation

vulnerability ai generation Click Generate with AI at the top of the vulnerability form to have AI write the content for you. Provide a title and the AI generates a complete vulnerability description including impact, remediation steps, and references.

You can also use the Translate button to automatically translate the vulnerability content to other languages supported by the template.

Multi-language editing

vulnerability multi-language If the vulnerability template supports multiple languages, you will see language tabs at the top of the form (EN, FR, DE, etc.). Click a language tab to switch to that version and write or edit the content in that language.

Each language version has its own set of field values. The title and text fields are translated independently, while non-text fields like CVSS scores are shared across all languages.

Importing vulnerabilities

Instead of creating vulnerabilities one by one, you can import them in bulk:

  • From PwnDoc - connect to your existing PwnDoc instance and import your vulnerability library
  • From JSON - prepare a standardized JSON file with your vulnerabilities (see Import Data)

See the Import Data documentation for the full JSON format reference and step-by-step instructions.