As software usage increases, so are cybersecurity threats, organizations are struggling to manage and prioritize vulnerabilities, as the number of new vulnerabilities detected per year is increasing rapidly. Traditional vulnerability management lacks integration of the most interlinked security databases Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and Common Attack Pattern Enumeration and Classification (CAPEC).

In this research, this study introduces a graph-model(semantic model) representation of vulnerability knowledge which not only integrates the security databases provided by the MITRE, but also adds new inference knowledge using inference rules from knowledge graphs, which enables the organizations, security analysts to query the vulnerability data cumulatively, gaining complete insights of the vulnerability impact and prioritize it accordingly. Various research has been done to build an ontology, but no specific knowledge graph is currently available up to date to query and gain insights integrating the security databases.

This research explores the construction of knowledge graph using linked data fragments, which enable high availability of the server for querying at low costs. Experimental evaluation showed that the knowledge graph approach achieved a 68% decrease in average query execution time compared to traditional relational database queries, while also supporting automated inference that uncovered over 15% more semantic relationships. Utilizing the Linked Data Fragments (LDF) server further boosted scalability and kept resource usage low.