An AI-driven vulnerability research initiative by Innora.ai — systematically discovering, validating, and disclosing security vulnerabilities across the most critical embedded and digital infrastructure.
31+ CVEs confirmed by MITRE across automotive ECUs, IoT firmware, Web3 protocols, and AI systems. All findings responsibly disclosed. No unpublished exploit details are shared publicly.
CVE counts reflect publicly disclosed and MITRE-confirmed vulnerabilities only.
Nora AI orchestrates a 5-phase pipeline — from raw firmware to coordinated CVE disclosure. Click each phase to explore the methodology.
Displayed CVEs are publicly disclosed and patched. No unpublished or ZDI-embargoed details are shown.
All vulnerabilities are reported to vendors before public disclosure. We follow coordinated disclosure timelines and support CVE assignment through MITRE.
We do not publish working exploits, 0-day details, or attack tooling. Our research focus is defense — finding vulnerabilities before adversaries do.
Every CVE is backed by a reproducible PoC shared only with the affected vendor. CVSS scores are assigned following FIRST guidelines.
The same AI pipeline that discovered 31+ CVEs is available for your product. Web3, IoT, Automotive, or Mobile — we find what others miss.
@Innora_sg · [email protected] · innora.ai/cve1000