fuzzy search for code that reminds code from fixes to known vulnerabilities
cvematch Fuzzy search for code similar to code that caused known vulnerabilities Reports should be interpreted as "structure of this code loosely reminds the code that lead to CVE-123" Its purpose is to suggest candidates for manual code audit, somewhat like you would use a noisy static analyzer, not an SCA tool Supported languages are C, C++, C#, Java, Python, PHP