Netpicker CVEasy is a vulnerability assessment solution that identifies and verifies CVE vulnerabilities in network devices. The product operates as an on-premise instance (available as OVA or Docker) that automates the process of comparing public CVE files against network device operating system versions. The solution performs two levels of vulnerability assessment. First, it conducts OS version checks by backing up device configurations and comparing OS versions against known CVE databases to identify potentially vulnerable devices. Second, it performs configuration rule testing that verifies specific configuration rules on each device to confirm actual vulnerabilities rather than just potential ones. CVEasy includes a library of pre-built tests for major network equipment vendors, which are regularly updated. The system runs automated scans, generates reports, and provides proactive notifications when new vulnerabilities are discovered. The solution ranks vulnerabilities by CVE severity and aims to reduce false positives by verifying vulnerabilities through configuration analysis rather than relying solely on version matching. The product supports both internet-connected and air-gapped deployments. Organizations deploy the Netpicker instance in their network environment and subscribe to the CVEasy service to receive automated CVE and test updates.