diff --git a/web/reNgine/definitions.py b/web/reNgine/definitions.py
index 49b5cebdd..7034fbca8 100644
--- a/web/reNgine/definitions.py
+++ b/web/reNgine/definitions.py
@@ -83,6 +83,7 @@
 DALFOX = 'dalfox'
 S3SCANNER = 's3scanner'
 NUCLEI = 'nuclei'
+NMAP = 'nmap'
 CRLFUZZ = 'crlfuzz'
 WAF_EVASION = 'waf_evasion'
 BLIND_XSS_SERVER = 'blind_xss_server'
diff --git a/web/reNgine/tasks.py b/web/reNgine/tasks.py
index 453781342..bffec5789 100644
--- a/web/reNgine/tasks.py
+++ b/web/reNgine/tasks.py
@@ -3233,8 +3233,9 @@ def parse_nmap_results(xml_file, output_file=None):
 					else:
 						logger.warning(f'Script output parsing for script "{script_id}" is not supported yet.')
 
-				# Add URL to vuln
+				# Add URL & source to vuln
 				for vuln in url_vulns:
+					vuln['source'] = NMAP
 					# TODO: This should extend to any URL, not just HTTP
 					vuln['http_url'] = url
 					if 'http_path' in vuln: