cve-search Common Vulnerabilities and Exposures (CVE)

cve-search - Common Vulnerabilities and Exposure Web Interface and API


cve-search is accessible via a web interface and an HTTP API. cve-search is an interface to search publicly known information from security vulnerabilities in software and hardware along with their corresponding exposures.

cve-search includes the following data-feeds:

cve-search is a public service operated by CIRCL.

The HTTP API outputs JSON. The API is fully documented at the following location

Browse vendor and product

To get a JSON with all the vendors:


To get a JSON with all the products associated to a vendor:


Browse CVEs per vendor/product

To get a JSON with all the vulnerabilities per vendor and a specific product:


Get CVE per CVE-ID

To get a JSON of a specific CVE ID:


Get the last updated CVEs

To get a JSON of the last 30 CVEs including CAPEC, CWE and CPE expansions:


Get more information about the current CVE database

To get more information about the current databases in use and when it was updated:


Do you log search queries?

Yes, we do log the search queries to debug our software and acquire statistics about software vulnerabilities trending.

Where is the source code of the cve-search software?

cve-search source code is available on GitHub. The main authors of cve-search are Alexandre Dulaunoy and Pieter-Jan Moreels with the support of the community including CIRCL.

Is there a full-dump of the cve-search database?

You can request an access to the full-dump via the CIRCL data feeds CVE service.

What are the software using API?