Render CVSS vulnerability vectors as expressive SVG glyphs
Project description
vulnsig-py
Render CVSS vulnerability vectors as expressive SVG glyphs. Each glyph encodes all base metrics visually with shape, color, rings, and texture, so vulnerabilities are recognizable at a glance.
Supports CVSS 4.0, 3.1, and 3.0.
Visit vulnsig.io to interactively explore CVSS glyph configurations and recent or well-known CVE vector glyphs.
Install
pip install vulnsig
Usage
from vulnsig import render_glyph
svg = render_glyph("CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H")
# override the score (e.g. if you already have it)
svg = render_glyph("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", score=10.0)
# control rendered size in pixels (default 120)
svg = render_glyph("CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", size=64)
render_glyph returns an SVG string ready to embed in HTML or write to a file.
Examples
CVSS 4.0
| Glyph | Name | Vector | Score |
|---|---|---|---|
 |
Log4Shell | AV:N AC:L AT:N PR:N UI:N VC:H VI:H VA:H SC:H SI:H SA:H |
10.0 |
 |
EternalBlue | AV:N AC:L AT:N PR:N UI:N VC:H VI:H VA:H SC:N SI:N SA:N |
9.3 |
 |
Heartbleed | AV:N AC:L AT:N PR:N UI:N VC:H VI:N VA:N SC:L SI:N SA:N |
8.7 |
 |
Spectre | AV:L AC:H AT:P PR:L UI:N VC:H VI:N VA:N SC:H SI:N SA:N |
5.6 |
 |
XSS Stored | AV:N AC:L AT:N PR:L UI:P VC:L VI:L VA:N SC:N SI:N SA:N |
5.1 |
 |
USB Drop | AV:P AC:L AT:N PR:N UI:N VC:H VI:H VA:H SC:N SI:N SA:N |
7.3 |
CVSS 3.x
| Glyph | Name | Vector | Score |
|---|---|---|---|
 |
Log4Shell | AV:N AC:L PR:N UI:N S:C C:H I:H A:H |
10.0 |
 |
XSS Reflected | AV:N AC:L PR:N UI:R S:C C:L I:L A:N |
6.1 |
Visual encoding
Each metric maps to a distinct visual channel:
| Metric | Channel |
|---|---|
| Score | Hue — yellow (low) → orange → dark red (high) |
| AV | Star points — N=8, A=6, L=4, P=3 |
| AC | Star pointiness — L=sharp, H=blunt |
| AT | Ring segmentation — N=solid, P=cut pattern |
| PR | Star outline — N=none, L=thin, H=thick |
| UI | Perimeter — N=spikes, P=bumps, A=clean |
| VC/VI/VA | Inner ring brightness per sector |
| SC/SI/SA | Outer ring band (split when any > 0) |
Requirements
Python 3.10+
What Is New in VulnSig
1.3.0
Added rendering of Exploit Maturity.
Improved rendering of PR.
1.2.0
Improved glyph rendering over diverse backgrounds.
Extension to the public interface.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vulnsig-1.3.0.tar.gz.
File metadata
- Download URL: vulnsig-1.3.0.tar.gz
- Upload date:
- Size: 10.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a8cdcaf07ce763571b796d2623a9c29de6eae3865780dbb5e7caab018b1456e3
|
|
| MD5 |
9081f0e74a86f2664dad0277ebc26dcd
|
|
| BLAKE2b-256 |
769e119363e9ddf42fb11384f5ae41c85af33906ba38e126332f5702f8b8e1e9
|
File details
Details for the file vulnsig-1.3.0-py3-none-any.whl.
File metadata
- Download URL: vulnsig-1.3.0-py3-none-any.whl
- Upload date:
- Size: 9.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f8143f08e0f09b389c493604c29a924e1af2e0c1dc3e8ac411e42d5f1cc75373
|
|
| MD5 |
da2a00fb9d52318c4a08bd0879de6d8f
|
|
| BLAKE2b-256 |
d3db90991b1cf7fd281f75fc365e17c219ab17e9241549310a97981210477dad
|
