CVE Vulnerability Search

Search the NIST NVD vulnerability database by CVE ID or keyword

Your input never leaves your browser — all processing happens client-side.

Advertisement

Try:

Advertisement

CVE Vulnerability Search — NIST NVD Database

Search over 200,000 CVE records from the NIST National Vulnerability Database (NVD) in real time. Look up specific CVEs by ID, or search by product name, vendor, or technology to find related vulnerabilities. Results include CVSS scores, severity ratings, descriptions, and affected product configurations.

What is CVE Vulnerability Search?

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known cybersecurity vulnerabilities. Each CVE ID maps to a specific vulnerability in a specific software version. The NIST NVD enriches CVE data with CVSS scores, CPE configurations (affected products), and CWE weakness classifications. This data is essential for vulnerability management, patch prioritization, and security research.

How to Use This Tool

  1. 1Enter a CVE ID (e.g., CVE-2021-44228) for a specific vulnerability lookup.
  2. 2Or enter a keyword (e.g., 'apache log4j', 'windows rdp') to search by topic.
  3. 3Click 'Search' to query the NIST NVD API.
  4. 4Review results: severity badge (Critical/High/Medium/Low), CVSS score, description, and published date.
  5. 5Click on a CVE to open its full NVD entry for detailed information.

Use Cases

  • Vulnerability management — check if known CVEs affect your software stack.
  • Patch prioritization — identify and triage the highest-severity issues first.
  • Security research and threat intelligence analysis.
  • CTF challenges — look up CVEs referenced in challenge descriptions.
  • Compliance reporting — document known vulnerabilities for auditors.

Is It Safe to Use?

Search queries are sent to the public NIST NVD API (nvd.nist.gov). This is necessary because the CVE database cannot be replicated client-side. The only data transmitted is your search term. NIST is a US federal agency and their API is publicly accessible — no API key is required for basic searches.

Related Tools

IP Lookup

Geolocate IP addresses

WHOIS Lookup

Domain registration info

SSL Checker

Verify SSL certificates

Frequently Asked Questions

What is a CVE?

CVE (Common Vulnerabilities and Exposures) is a list of publicly disclosed cybersecurity vulnerabilities. Each vulnerability gets a unique CVE ID (e.g., CVE-2024-12345), a description, and a CVSS severity score. The list is maintained by MITRE and published in the NIST National Vulnerability Database (NVD).

What does the CVSS score mean?

CVSS (Common Vulnerability Scoring System) rates vulnerability severity from 0 to 10. Critical (9.0-10.0), High (7.0-8.9), Medium (4.0-6.9), Low (0.1-3.9). The score considers factors like attack vector, complexity, required privileges, and potential impact.

How current is the data?

This tool queries the NIST NVD API in real time, so results are as current as the NVD database, which is continuously updated. New CVEs are typically added within hours to days of public disclosure.

Can I search for vulnerabilities affecting a specific product?

Yes — use keyword search to search by product name, vendor, or technology. For example, search 'Apache Log4j' or 'OpenSSL' to find related CVEs.

Advertisement