CVE Search
Find known vulnerabilities by CVE ID, vendor, product or keyword. Severity, CVSS, references and publication dates aggregated into one clean result.
About CVE search
Common Vulnerabilities and Exposures (CVE) is the de-facto global registry of publicly disclosed security flaws. Search by CVE ID for a specific vulnerability, or by product or keyword to survey known issues in a technology stack.
CVSS scoring
Each CVE carries a CVSS (Common Vulnerability Scoring System) score from 0.0 to 10.0:
- 9.0-10.0 critical: trivially exploitable, broad impact.
- 7.0-8.9 high: significant risk, patch promptly.
- 4.0-6.9 medium: meaningful risk, prioritize by exposure.
- 0.1-3.9 low: limited impact or hard to exploit.
When it's useful
- Quickly looking up "what is CVE-2021-44228" before digging deeper.
- Scanning known CVEs for a product you run (e.g. Apache, nginx, OpenSSL) before an upgrade.
- Briefing teammates on a newly disclosed vulnerability.
Questions
Where does the data come from?
The NVD (National Vulnerability Database) is the primary upstream. Results may appear delayed a few hours after NVD publication.
How do I search by product?
Use the product or vendor name as a keyword, e.g. 'log4j', 'nginx', 'openssl 3.0'. Specific versions can be added.
Can I filter by severity?
Not yet in this beta view. The classic tool supports min CVSS and date filters and those will return here shortly.
Related tools
Subdomain Finder
Enumerate subdomains via Certificate Transparency and OTX.
IP Lookup
Instant geolocation, ISP, ASN, abuse history and reputation for any IPv4 or IPv6 address.
DNS Lookup
Query A, AAAA, MX, TXT, NS, SOA, CNAME, CAA and SRV records from authoritative resolvers.
WHOIS Lookup
Domain ownership, registrar, nameservers and key dates.