Dataset

Cyber intelligence sample set

Synthetic KEV-shaped exploited vulnerabilities, NVD-shaped CVE severity records, CISA-advisory-shaped items, and ransomware leak-site-shaped victim claims, used by the cyber intelligence dashboard prototype. Structure is production-shaped; every record is invented and labeled SAMPLE.

v1.0.0 · July 4, 2026 · CC-BY-4.0

Files

Schema and provenance

Generated synthetically (seeded, reproducible) for the dashboard prototype. KEV rows follow the CISA catalog schema; CVE rows follow the NVD 2.0 metrics schema; ransomware rows follow community leak-site aggregator conventions. No record describes a real vulnerability, breach, or victim. The season time series accumulates as the ETL runs; its checksum is intentionally omitted because the file grows daily by design (unlike static datasets, it is not immutable).

The published file is the accumulating season time series (timeseries.csv): one row per snapshot date with kev_total, kev_added_today, nvd_critical_high, ransomware_victims, exploited_criticals, and advisories. Full daily snapshots (the complete KEV/NVD/advisory/ransomware records and their correlations) live under data/snapshots/{date}.json in the dashboard bundle and are downloadable per-day from the dashboard itself via the date selector.

Because the time series grows with every ETL run it is deliberately excluded from verify:datasets — checksums are for immutable files, and this one is append-by-design. The immutable artifacts here are the per-day snapshots.

Changelog

Produced for the investigation cyber-intelligence.