Abstract: To improve the level of railway network security vulnerability management, this paper designed a railway network security vulnerability management platform, elaborated on the overall architecture and functions of the platform, and studied the key technologies of heterogeneous vulnerability data standardization and vulnerability disposal priority evaluation. Through the analysis and integration of asset data, vulnerability data, threat intelligence and other multi-party data, the paper implemented the full lifecycle tracking and management of railway network security vulnerabilities, was able to grasp security vulnerabilities and risk situations in real-time, and improved vulnerability handling capabilities and operational maintenance efficiency.