> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cysmiq.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Vulnerability detail view

> What you see in the vulnerability detail UI and where each section appears.

## Overview

The vulnerability detail view is where you review evidence, update status, assign owners, and create tickets. For definitions of severity, impacts, and vulnerability types, see [Vulnerabilities](/concepts/vulnerabilities) and [Impacts](/concepts/impacts).

## Page layout

* Header tabs: **Overview**, **Analysis** when call hierarchies exist, **Activity**
* Watch button: toggle watching and see watcher count
* Main content: type specific sections on the left, with a right sidebar for status and metadata
* Comments: shown below the main content on the **Overview** tab

## Detail view by vulnerability type

<Tabs>
  <Tab title="Code">
    **Overview tab, left column**

    * **Description**: code snippet with highlighted lines and analysis context. The context can show confirmed vulnerable or exploitable evidence, a **Needs Review** state when human review is required, or non-exploitable or non-vulnerable analysis. Fixing advice appears when available.
    * **Locations**: table with **Container**, **Line**, and **Branch/Ref** columns

    **Analysis tab**

    * Call hierarchy selector and either data flow analysis or function analysis
    * Step by step analysis with code excerpts when available
  </Tab>

  <Tab title="Dependency">
    **Overview tab, left column**

    * **Overview**: ID, GHSA and CVE identifiers, source code link when available, package, affected versions, first patched versions
    * **Description**: advisory description and references
    * **Locations**: table with **Asset**, **Branch/Ref**, and **Manifest** columns

    **Sidebar additions**

    * EPSS and CVSS panels when data is available
  </Tab>

  <Tab title="Secret">
    **Overview tab, left column**

    * **Overview**: secret type, verification status, provider, verification timestamps, vulnerable since, confidence, and file type when available
    * **Description**: AI analysis results and detection context for LLM secrets, or verification guidance for API verified secrets
    * **Locations**: table with **Asset**, **Path**, **Line**, **Branch/Ref**, **Type**, and **Status** columns
    * **Secret materials**: shows verified secret materials when present
    * **Verification history**: recent verification results for API verified secrets

    **Warnings**

    * When all secret locations are removed, a callout explains that rotation or revocation is still required before closing the vulnerability
    * When a Secret-LLM finding is no longer detected and manual closure is enabled, a callout explains that it moved to **Needs Review** and requires manual closure
  </Tab>
</Tabs>

## Sidebar sections

* **Status and resolution**: shows the current lifecycle state and resolution. See [Statuses](/vulnerability-management/lifecycle#statuses) and [Resolutions](/vulnerability-management/lifecycle#resolutions). Human review required callouts group active escalation sources and reasons, show path counts when multiple locations need review, and include the timestamp when available.
* **Snooze**: request a temporary snooze, review a pending snooze request, approve or reject requests when permitted, cancel your own request, or clear an active snooze. See [Snoozes](/vulnerability-management/snoozes).
* **Analysis**: vulnerable and exploitable flags, severity, CWE, and fixing complexity when available. Definitions are in [Vulnerabilities](/concepts/vulnerabilities) and [Impacts](/concepts/impacts).
* **Assignment**: current assignee and reassignment controls. For automated routing, see [Auto assignment](/vulnerability-management/auto-assignment).
* **Ticketing**: linked tickets and create ticket action. When no Jira or Linear integration is active in the workspace, this section shows a placeholder pointing to settings instead of the create action. See [Tickets](/vulnerability-management/tickets).
* **Introduced by**: author and first detected timestamp for non dependency vulnerabilities
* **Impacts**: impact categories shown as icons. See [Impacts](/concepts/impacts).

## Activity tab

The **Activity** tab shows a timeline of key events such as status changes, comments, and system activity.

## Related docs

* [Vulnerabilities](/concepts/vulnerabilities)
* [Impacts](/concepts/impacts)
* [Code scanning](/scanning/code)
* [Dependencies scanning](/scanning/dependencies)
* [Secrets scanning](/scanning/secrets)
* [Vulnerability lifecycle](/vulnerability-management/lifecycle)
* [Snoozes](/vulnerability-management/snoozes)
* [Tickets](/vulnerability-management/tickets)
