Docs · Tools
Patch Advisor
A vulnerability scan can return dozens of findings across the same handful of packages. Patch Advisor collapses them into one prioritized list: which component to update, to what, and how much risk it removes.
- Category
- Defense & Hardening
- Powered by
finding consolidation engine- Edition
- Pro
- Where
- Desktop → Patch Advisor tab
What it does
Patch Advisor reads the vulnerabilities Nexus has found, groups them by the software component that is affected, and orders the result by severity. Instead of a flat wall of CVEs you get a short to-do list: "update these N packages, highest-impact first."
How to use it
1
Run a vulnerability scan
Use the Vulnerability Scanner(or the Fleet's inventory-vs-CVE detection) so there are findings to consolidate.
2
Open Patch Advisor
It aggregates the findings per component and ranks them.
3
Work the list top-down
Patch the highest-severity component first; each update may resolve several findings at once.
What you get
A severity-ordered update plan — the smallest set of changes that removes the most risk. The Fleet's Vulnerability Detection correlates your software inventory against a CVE database continuously, so the same prioritization scales across every endpoint.
Tips
- One package update often clears multiple CVEs — start at the top of the list for the best return.
- Re-scan after patching and confirm the findings dropped with Scan Diff.
Patch what matters first. You rarely have time to patch everything at once. Patch Advisor tells you the order that buys down the most risk per change.