Skip to content
Docs

Slack

Connect CVEFeed.io to your Slack workspace to receive vulnerability alerts directly in a channel. When a new CVE is published for one of your subscribed products, a formatted message is posted with severity color coding, CVSS score, and direct links back to CVEFeed.io.

Tier requirement: Enterprise

Setup

Navigate to your project’s Slack Configuration page from the integrations section.

Slack Configuration page showing Add to Slack button, channel selection dropdown, and Send Test Alert button

The setup follows three stages:

  1. Click “Add to Slack” — this initiates the Slack OAuth flow. You’ll be redirected to Slack to authorize the CVEFeed.io bot in your workspace.

  2. Select a channel — after authorization, you’re redirected back to CVEFeed.io. A channel dropdown appears on the right side. Select the channel where you want alerts posted and click Save. If you want to use a private channel, create the channel first and add the CVEFeed.io bot with the /invite @CVEFeed.io command, then refresh the page.

  3. Send a test message — click Send Test Alert to verify the connection is working. A sample alert will be posted to your selected channel.

Alert Message Format

Slack alerts use rich Block Kit formatting:

  • Header with the CVE ID and affected product name.
  • Description with a summary of the vulnerability.
  • Fields table showing: Vendor, Product, CVE ID, CVSS Score, Severity, Published Date.
  • Action buttons: “View CVE”, “View Product”, “Go to Alerts” — each linking back to CVEFeed.io.
  • Color-coded by severity: red for critical/high, orange for medium, blue for low.

Ransomware-linked CVEs get a distinct alert with red styling and a message emphasizing that CISA has confirmed known ransomware campaign usage.

Disconnecting

To disconnect Slack, click Reset Integration on the configuration page. This removes the bot connection and stops all Slack notifications for the project.