A method for privacy preserving vulnerability detection for devices. In an example, an apparatus may include a processor and memory coupled with the processor that effectuates operations. The operations may include receiving a type of a device; receiving a feature for the device; creating a first hash value based on the device type and the feature; receiving an indication that the first hash value matches a second hash value; and based on the indication that the first hash value matches the second hash function, sending an alert that the device has a vulnerability.