VulnPath

Stop reading CVEs.
See the attack.

VulnPath generates an attack chain graph for CVE IDs in seconds — every hop from the attack to impact, mapped to MITRE ATT&CK, with a simple mode for when you need to brief someone who isn't in the weeds.

Try it free — no signup →

Learn more

01 — Interactive Attack Graph

The full attack chain,
in one view.

Instead of parsing a wall of NVD text, you get a graph. Every node shows its role in the attack — who the attacker is, what they exploited, what system they landed on, and what the blast radius looks like. Hover any node for details. Pan and zoom freely.

Graph structure is derived from the CVE's actual CVSS vector and CWE IDs — not generic templates
Node types: entry point, attacker action, vulnerable component, target system, impact
Hover for tooltips on desktop · tap for slide-up detail drawer on mobile

vulnpath.app · CVE-2021-44228 · Log4Shell

💻

📋

📦

🖥️

💥

02 — Technical + Simple Mode

Brief anyone —
not just engineers.

Toggle between a full technical breakdown and simple mode with one click. Use Technical mode for your own triage. Switch to Simple mode when you need to explain the severity to a CISO, a developer, or anyone outside the security team.

Every node, step, and CVSS metric has both a technical and simple version
Simple mode rewrites jargon into clear, direct language — no dumbing down
The entire interface updates instantly — no reloading, no separate view

vulnpath.app · Mode toggle · Technical ↔ Simple

TECHNICAL

SIMPLE

ATTACK VECTOR

COMPLEXITY

PRIVILEGES

03 — Step-by-Step Attack Chain

Not just what broke —
exactly how it was exploited.

Each CVE is broken into an ordered sequence of attack phases — from initial access through to full impact. Useful for writing incident response playbooks, building detection rules, or explaining the attack narrative during a debrief.

3–6 ordered steps per CVE covering the complete attack lifecycle
Each step tagged by MITRE tactic: Initial Access, Execution, Persistence, Exfiltration, Impact
Steps rewrite automatically when switching to Simple mode

vulnpath.app · Attack Chain panel · EternalBlue

INITIAL ACCESS

EXECUTION

PERSISTENCE

IMPACT

04 — MITRE ATT&CK Mappings

Know which techniques
you need to detect.

Every CVE is automatically mapped to the relevant MITRE ATT&CK technique IDs. See exactly which tactics were used so you can cross-reference your detection coverage and identify gaps before the next incident.

3–5 MITRE technique IDs per CVE, specific to the actual exploit method
Plain-English technique names alongside the standard IDs
Technique badges link directly to the ATT&CK knowledge base

vulnpath.app · MITRE ATT&CK panel · ProxyLogon

T1190

T1078

T1059

T1505

Free · no signup required

Five of the most exploited vulnerabilities ever discovered.

Click any CVE below to generate the full attack chain graph — every step from initial access to impact, mapped to MITRE ATT&CK.

Stop reading CVEs.See the attack.

The full attack chain,in one view.

Brief anyone —not just engineers.

Not just what broke —exactly how it was exploited.

Know which techniquesyou need to detect.

Stop reading CVEs.
See the attack.

The full attack chain,
in one view.

Brief anyone —
not just engineers.

Not just what broke —
exactly how it was exploited.

Know which techniques
you need to detect.