feat!(detector): replace go-kev with vuls2 (#2509)

Remove go-kev dependency and replace KEVuln detection with vuls2-based
KEV enrichment pipeline supporting CISA, VulnCheck, and ENISA KEV.

- Remove detector/kevuln.go and all FillWithKEVuln call sites
- Remove KEVulnConf from config, TOML template, and subcmds
- Add enrichVulnerabilities() and enrichAdvisories() in vendor.go
  with explicit sourceID switch for each data source
- Add enrichVulnerabilityKEV() for CISA/VulnCheck KEV (vulnerability-based)
- Add enrichAdvisoryKEV() for ENISA KEV (advisory-based)
- Add enrichRedHatCVE() extracted from inline enrich() logic
- Use GetVulnerabilityDataByVulnerabilityID for unified vuln+advisory lookup
- Add ENISAKEVType and ENISAKEV struct to models
- Add unit tests for CISA, VulnCheck, and ENISA KEV enrichment
- Remove go-kev from dependabot.yml

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: MaineK00n

.github/dependabot.yml

@@ -44,7 +44,6 @@ updates:
           - "github.com/vulsio/go-cti"
           - "github.com/vulsio/go-cve-dictionary"
           - "github.com/vulsio/go-exploitdb"
-          - "github.com/vulsio/go-kev"
           - "github.com/vulsio/go-msfdb"
           - "github.com/vulsio/gost"
       trivy:
@@ -61,7 +60,6 @@ updates:
           - "github.com/vulsio/go-cti"
           - "github.com/vulsio/go-cve-dictionary"
           - "github.com/vulsio/go-exploitdb"
-          - "github.com/vulsio/go-kev"
           - "github.com/vulsio/go-msfdb"
           - "github.com/vulsio/gost"
           - "github.com/aquasecurity/trivy"

config/config.go

@@ -42,7 +42,6 @@ type Config struct {
 	Gost       GostConf       `json:"gost,omitzero"`
 	Exploit    ExploitConf    `json:"exploit,omitzero"`
 	Metasploit MetasploitConf `json:"metasploit,omitzero"`
-	KEVuln     KEVulnConf     `json:"kevuln,omitzero"`
 	Cti        CtiConf        `json:"cti,omitzero"`
 	Vuls2      Vuls2Conf      `json:"vuls2,omitzero"`
 
@@ -192,7 +191,6 @@ func (c *Config) ValidateOnReport() bool {
 		&Conf.Gost,
 		&Conf.Exploit,
 		&Conf.Metasploit,
-		&Conf.KEVuln,
 		&Conf.Cti,
 	} {
 		if err := cnf.Validate(); err != nil {

config/tomlloader.go

@@ -42,7 +42,6 @@ func (c TOMLLoader) Load(pathToToml string) error {
 		&Conf.Gost,
 		&Conf.Exploit,
 		&Conf.Metasploit,
-		&Conf.KEVuln,
 		&Conf.Cti,
 	} {
 		cnf.Init()

config/vulnDictConf.go

@@ -254,33 +254,6 @@ func (cnf *MetasploitConf) Init() {
 	cnf.DebugSQL = Conf.DebugSQL
 }
 
-// KEVulnConf is go-kev config
-type KEVulnConf struct {
-	VulnDict
-}
-
-const kevulnDBType = "KEVULN_TYPE"
-const kevulnDBURL = "KEVULN_URL"
-const kevulnDBPATH = "KEVULN_SQLITE3_PATH"
-
-// Init set options with the following priority.
-// 1. Environment variable
-// 2. config.toml
-func (cnf *KEVulnConf) Init() {
-	cnf.Name = "kevuln"
-	if os.Getenv(kevulnDBType) != "" {
-		cnf.Type = os.Getenv(kevulnDBType)
-	}
-	if os.Getenv(kevulnDBURL) != "" {
-		cnf.URL = os.Getenv(kevulnDBURL)
-	}
-	if os.Getenv(kevulnDBPATH) != "" {
-		cnf.SQLite3Path = os.Getenv(kevulnDBPATH)
-	}
-	cnf.setDefault("go-kev.sqlite3")
-	cnf.DebugSQL = Conf.DebugSQL
-}
-
 // CtiConf is go-cti config
 type CtiConf struct {
 	VulnDict

detector/detector.go

@@ -215,10 +215,6 @@ func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error) {
 		}
 		logging.Log.Infof("%s: %d exploits are detected", r.FormatServerName(), nMetasploitCve)
 
-		if err := FillWithKEVuln(&r, config.Conf.KEVuln, config.Conf.LogOpts); err != nil {
-			return nil, xerrors.Errorf("Failed to fill with Known Exploited Vulnerabilities: %w", err)
-		}
-
 		if err := FillWithCTI(&r, config.Conf.Cti, config.Conf.LogOpts); err != nil {
 			return nil, xerrors.Errorf("Failed to fill with Cyber Threat Intelligences: %w", err)
 		}