Vulnerability Library

The vulnerability library is your centralized database of known vulnerabilities. Instead of rewriting the same SQL Injection or XSS description in every report, you write it once in the library and reuse it across all your assessments.

Library vs report findings

There is an important distinction between library vulnerabilities and report findings:

• Library vulnerabilities are standalone, reusable entries that live outside of any specific report. They are your knowledge base.
• Report findings are the actual vulnerabilities you discovered during an assessment. When you add a finding to a report from the library, the content is copied in. Changes to the finding in the report do not affect the library, and changes to the library do not affect existing reports.

Think of the library as your template collection for vulnerabilities. You maintain high-quality, well-written descriptions there, and then customize them per-engagement when adding them to reports.