VulGD: A LLM-Powered Dynamic Open-Access Vulnerability Graph Database

VulGD is a research-oriented project (linked to an arXiv paper) that addresses a known pain point in Cyber Threat Intelligence (CTI): the rigidity of relational vulnerability databases like NVD. By using LLMs to parse unstructured text and map it into a graph structure (Neo4j), it enables more complex path-finding between vulnerabilities and products. However, its defensibility is low (3) because the primary value is in the schema and the LLM prompting strategy, both of which are easily replicated by established security vendors. The project has 0 stars and 4 forks (likely the authors or early evaluators), indicating it has not yet achieved community traction beyond its academic origins. The greatest risk comes from platform giants like Microsoft (via GitHub/Security Copilot) or Google (via Mandiant/OSV.dev), who already own the underlying vulnerability data and possess superior LLM infrastructure. These entities could implement a 'graph view' of their existing advisories as a feature, effectively neutralizing the need for a standalone tool like VulGD. While the use of LLMs for dynamic updates is a clever combination, it lacks a data moat or proprietary algorithm that would prevent rapid displacement by enterprise-grade security platforms within 12-24 months.