Pricing

Pay per event

CVE Vulnerability Lookup (NIST NVD)

Query the NIST NVD for CVE details — lookup by CVE ID, keyword, or CPE product. Returns CVSS scores, descriptions, CWE IDs, affected software, and patch links. No API key required.

Pricing

Pay per event

Rating

0.0

(0)

Developer

Stas Persiianenko

Actor stats

Bookmarked

Total users

Monthly active users

3 days ago

Last modified

What does CVE Vulnerability Lookup do?

CVE Vulnerability Lookup queries the official NIST NVD API (completely free and public) to retrieve structured vulnerability data for any CVE identifier.

You can look up specific CVE IDs (like CVE-2021-44228 Log4Shell), run a keyword search across all NVD records (e.g., "apache struts remote code execution"), or search by CPE product name to find all vulnerabilities for a specific software version.

Each result includes CVSSv3/v2 scores and severity, full English descriptions, CWE weakness IDs, a deduplicated list of patch/fix URLs, and the direct NVD link. Pure HTTP — no browser, no proxy, no login.

Who is CVE Vulnerability Lookup for?

Security engineers and DevSecOps teams

Automate vulnerability triage: pull CVE details for your dependency SBOMs via API
Integrate NVD data into your internal SIEM, ticketing, or patch management workflows
Schedule daily pulls to catch newly published CVEs for your tech stack

Penetration testers and red teams

Quickly enumerate all known CVEs for a specific CPE product and version
Export critical/high severity CVEs for a target technology to JSON or CSV
Feed CVE data into your pentest reporting automation

CTI (Cyber Threat Intelligence) analysts

Monitor CVE publication rates and severity trends for vendor products
Build CVE feeds for threat intel platforms (Splunk, Elastic, OpenCTI)
Extract CWE patterns across vulnerability classes for trend analysis

Compliance and audit teams

Verify patch status for specific CVE IDs mentioned in audit findings
Bulk-query CVEs by keyword to produce evidence for compliance reports
Export CVSS scores for risk scoring worksheets

Why use CVE Vulnerability Lookup?

✅ Free public API — NIST NVD is completely free, no API key or account needed
✅ No proxy required — pure HTTP with zero browser overhead
✅ Three lookup modes — by CVE ID, keyword search, or CPE product name
✅ Structured output — CVSS v3.1/v3.0/v2, CWE IDs, affected products, patch URLs
✅ Severity filtering — filter results to only return HIGH or CRITICAL CVEs
✅ Date range support — filter by CVE publication date
✅ Batch CVE lookup — provide up to thousands of CVE IDs in one run
✅ Apify platform advantages — export to JSON/CSV/Excel, schedule runs, API access, Zapier/Make integration, webhook triggers

What data can you extract?

Field	Description
🔑 `cveId`	CVE identifier (e.g. CVE-2021-44228)
📅 `publishedDate`	Date CVE was first published to NVD
🔄 `lastModifiedDate`	Date of last NVD update
📊 `vulnStatus`	NVD analysis status (Analyzed, Modified, etc.)
⚠️ `cvssV3Score`	CVSS v3.x base score (0.0–10.0)
🎯 `cvssV3Severity`	CVSS v3.x severity label (CRITICAL/HIGH/MEDIUM/LOW)
🔢 `cvssV3Vector`	Full CVSS v3 vector string
⚠️ `cvssV2Score`	CVSS v2 base score (fallback for older CVEs)
🎯 `cvssV2Severity`	CVSS v2 severity label
📝 `description`	Full English vulnerability description
🛡️ `cweIds`	CWE weakness classification IDs (e.g. CWE-20)
📦 `affectedProducts`	Vulnerable vendor/product pairs from CPE configurations
🔗 `patchLinks`	Patch, fix, and vendor advisory URLs
🔢 `referenceCount`	Total number of NVD references
🌐 `nvdUrl`	Direct link to the NVD vulnerability detail page

How much does it cost to look up CVE vulnerabilities?

This Actor uses pay-per-event pricing — you pay only for what you fetch. No monthly subscription. All platform costs are included.

	Free	Starter ($29/mo)	Scale ($199/mo)	Business ($999/mo)
Per CVE	$0.0023	$0.002	$0.00156	$0.0012
100 CVEs	$0.23	$0.20	$0.156	$0.12
1,000 CVEs	$2.30	$2.00	$1.56	$1.20

Plus a one-time start fee of $0.005 (Free) / $0.00475 (Starter) per run. Higher-tier plans get additional volume discounts.

Real-world cost examples:

Use case	CVEs	Duration	Cost (Free tier)
Lookup 3 specific CVE IDs	3	~5s	~$0.01
Keyword search for 20 CVEs	20	~15s	~$0.05
CPE scan — 100 CVEs for a product	100	~70s	~$0.23
Full SBOM triage — 500 CVEs	500	~6 min	~$1.15

Free plan users get $5 in monthly credits — enough for ~2,000 CVE lookups at no charge.

How to look up CVE vulnerabilities

Open the CVE Vulnerability Lookup actor page
Click Try for free — no credit card needed for the first run
Choose your lookup mode:
- CVE IDs: Enter specific CVE identifiers like CVE-2021-44228
- Keyword search: Enter terms like log4j remote code execution
- CPE name: Enter a CPE 2.3 string like cpe:2.3:a:apache:log4j:2.14.1:*:*:*:*:*:*:*
Set filters (optional): minimum severity (LOW/MEDIUM/HIGH/CRITICAL), date range
Click Start and wait for results (most runs complete in seconds to minutes)
Export to JSON, CSV, or Excel from the Dataset tab

Input example — specific CVE IDs:

{
    "cveIds": ["CVE-2021-44228", "CVE-2023-23397", "CVE-2021-34527"]
}

Input example — keyword search with severity filter:

{
    "keywordSearch": "apache struts remote code execution",
    "maxResults": 50,
    "minSeverity": "HIGH"
}

Input example — CPE product scan:

{
    "cpeName": "cpe:2.3:a:microsoft:exchange_server:2019:*:*:*:*:*:*:*",
    "maxResults": 100
}

Input parameters

Parameter	Type	Required	Default	Description
`cveIds`	string[]	No	—	Specific CVE IDs to look up (takes priority over keyword/CPE)
`keywordSearch`	string	No	—	Keyword search across NVD descriptions and metadata
`cpeName`	string	No	—	CPE 2.3 name to find all associated CVEs
`maxResults`	integer	No	20	Maximum CVEs to return (keyword/CPE modes); max 2000
`minSeverity`	string	No	—	Minimum CVSS severity: LOW, MEDIUM, HIGH, or CRITICAL
`publishedAfter`	string	No	—	ISO 8601 date (YYYY-MM-DD) — only CVEs published after this
`publishedBefore`	string	No	—	ISO 8601 date (YYYY-MM-DD) — only CVEs published before this

Priority: CVE IDs → keyword search → CPE name. Only the first non-empty input mode is used.

Output example

{
    "cveId": "CVE-2021-44228",
    "publishedDate": "2021-12-10",
    "lastModifiedDate": "2026-02-20",
    "vulnStatus": "Analyzed",
    "cvssV3Score": 10,
    "cvssV3Severity": "CRITICAL",
    "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
    "cvssV2Score": 9.3,
    "cvssV2Severity": "HIGH",
    "cvssV2Vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
    "description": "Apache Log4j2 2.0-beta9 through 2.15.0 ... JNDI features ... arbitrary code execution ...",
    "cweIds": ["CWE-20", "CWE-400", "CWE-502", "CWE-917"],
    "affectedProducts": ["apache/log4j", "siemens/capital", "oracle/weblogic_server"],
    "patchLinks": [
        "https://logging.apache.org/log4j/2.x/security.html",
        "https://msrc-blog.microsoft.com/2021/12/11/..."
    ],
    "referenceCount": 103,
    "nvdUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
}

Tips for best results

🎯 Start with CVE IDs for known vulnerabilities — fastest mode, one API call per CVE
🔍 Use keyword search for discovery — NVD full-text search across all CVE descriptions
📦 CPE mode is ideal for SBOM triage — find every CVE for vendor/product/version
⚠️ Filter by severity — set minSeverity: "HIGH" to reduce noise for risk management
📅 Use date filters for recency — set publishedAfter: "2024-01-01" for recent CVEs only
💡 Start small — try 20 results first to verify your query returns what you expect
🔄 Schedule for monitoring — schedule a daily run with keywordSearch or cpeName to catch new CVEs for your products
🐢 NVD rate limits without API key: ~5 requests/30 seconds. For bulk lookups of 1000+ CVEs, runs take a few minutes — this is normal

Integrations

CVE Vulnerability Lookup → Google Sheets (vulnerability tracking) Export your CVE dataset to Google Sheets using the Apify Google Sheets integration. Keep a live spreadsheet of all critical CVEs for your dependency stack, updated automatically each day.

CVE Vulnerability Lookup → Slack/PagerDuty (alerting) Use Apify webhooks to trigger a Slack message or PagerDuty alert when new CRITICAL CVEs are found for your products. Set up a scheduled daily run with publishedAfter: yesterday to catch new CVEs within 24 hours.

CVE Vulnerability Lookup → JIRA/GitHub Issues (patch tracking) Pipe CVE results into Make.com or Zapier to auto-create JIRA tickets or GitHub issues for each HIGH/CRITICAL CVE found in your SBOM. Link the nvdUrl in the ticket for direct NVD reference.

CVE Vulnerability Lookup → Elastic/Splunk SIEM Use the Apify API to pull CVE data on a schedule and feed it into your SIEM index. Join with your asset inventory to produce "at-risk host" reports.

CVE Vulnerability Lookup → Excel for compliance reports Export to Excel directly from the Apify dataset page. Pre-filter by minSeverity: CRITICAL to generate a focused finding list for PCI-DSS or SOC 2 auditors.

Using the Apify API

You can trigger CVE lookups programmatically from any language using the Apify API.

Node.js

import { ApifyClient } from 'apify-client';

const client = new ApifyClient({ token: 'YOUR_APIFY_TOKEN' });

const run = await client.actor('automation-lab/cve-vulnerability-lookup').call({
    cveIds: ['CVE-2021-44228', 'CVE-2023-23397'],
});

const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);

Python

from apify_client import ApifyClient

client = ApifyClient('YOUR_APIFY_TOKEN')

run = client.actor('automation-lab/cve-vulnerability-lookup').call(run_input={
    'keywordSearch': 'microsoft exchange remote code execution',
    'maxResults': 50,
    'minSeverity': 'HIGH',
})

for item in client.dataset(run['defaultDatasetId']).iterate_items():
    print(item['cveId'], item['cvssV3Severity'], item['description'][:80])

cURL

curl -X POST \
  "https://api.apify.com/v2/acts/automation-lab~cve-vulnerability-lookup/runs" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_APIFY_TOKEN" \
  -d '{
    "cpeName": "cpe:2.3:a:apache:log4j:2.14.1:*:*:*:*:*:*:*",
    "maxResults": 100
  }'

Use with AI agents via MCP

CVE Vulnerability Lookup is available as a tool for AI assistants that support the Model Context Protocol (MCP).

Add the Apify MCP server to your AI client — this gives you access to all Apify actors, including this one:

Setup for Claude Code

$claude mcp add --transport http apify "https://mcp.apify.com?tools=automation-lab/cve-vulnerability-lookup"

Setup for Claude Desktop, Cursor, or VS Code

Add this to your MCP config file:

{
    "mcpServers": {
        "apify": {
            "url": "https://mcp.apify.com?tools=automation-lab/cve-vulnerability-lookup"
        }
    }
}

Your AI assistant will use OAuth to authenticate with your Apify account on first use.

Example prompts

Once connected, try asking your AI assistant:

"Use automation-lab/cve-vulnerability-lookup to look up CVE-2021-44228, CVE-2023-23397, and CVE-2021-34527 and tell me their CVSS scores and patch links"
"Search for critical vulnerabilities in Apache Struts published in 2023 and summarize the top 5 by severity"
"Find all CVEs for cpe:2.3:a:microsoft:exchange_server:2019:::::::* with HIGH or CRITICAL severity"

Learn more in the Apify MCP documentation.

Is it legal to query the NVD API?

Yes. The NIST NVD is a publicly funded, freely accessible database maintained by the US government. The NVD API has no terms restricting automated queries — in fact, it's designed and published specifically for automated tools and integrations.

This actor only reads public vulnerability data that NIST explicitly makes available for programmatic access. No login, no scraping of private data, no circumvention of security measures.

As with all data collection, use the data responsibly:

Do not use CVE data to target systems you don't have permission to test
Be aware of applicable laws (CFAA, Computer Misuse Act, etc.) in your jurisdiction
The NVD data is in the public domain — redistribution is permitted with proper attribution to NIST

FAQ

How fast does it run? CVE ID lookups are very fast — typically 3–5 seconds for 10 CVEs. Keyword and CPE searches that return 100+ results may take 2–4 minutes due to NVD's free-tier rate limit of ~5 API requests per 30 seconds. There is no delay if you provide a NVD API key (not currently supported — file a feature request if needed).

How much does it cost to look up CVEs? Very cheap. Looking up 3 CVE IDs costs about $0.01 on the free tier. A batch of 500 CVEs costs about $1.15. You can look up roughly 2,000 CVEs with the free $5 monthly credit.

Is this different from the official NVD API? The official NVD API returns raw JSON with nested structures that require significant parsing. This actor normalizes the output into flat, analysis-ready records — CVSS scores, severity, CWE IDs, and deduplicated patch links are all pre-extracted. You also get the Apify platform benefits: scheduling, export formats (CSV/Excel/JSON), API access, Zapier/Make integration, and webhooks.

Why are some CVEs missing a CVSSv3 score? Older CVEs (pre-2015) were scored only with CVSSv2. NVD began applying CVSSv3 scoring retroactively but hasn't scored every historical CVE. When CVSSv3 is absent, check cvssV2Score and cvssV2Severity instead.

Why does a CVE lookup return fewer results than expected? A few reasons: the CVE ID may be misspelled (the format must be CVE-YYYY-NNNNN), the CVE may not yet be in NVD (MITRE assigns IDs before NVD analysis), or the minSeverity filter may be excluding some results. Remove the minSeverity filter and check the vulnStatus field — CVEs in "Awaiting Analysis" status may have no CVSS score yet.

Does this work for CVEs published today? Yes — NVD updates continuously. CVEs may appear in NVD within hours to days of being assigned. Very new CVEs may show vulnStatus: "Received" with no CVSS score until NVD completes analysis.

Can I look up thousands of CVEs at once? Yes — provide a large cveIds array or use maxResults: 2000 with a keyword/CPE search. Large runs may take 10–20 minutes due to NVD rate limits. Schedule them overnight for best results.

Other security and developer tools

SSL Certificate Checker — validate SSL/TLS certificates for any domain
DNS Record Checker — query A, MX, TXT, CNAME, and other DNS records
DMARC Record Checker — validate DMARC email authentication policies
Broken Link Checker — find 404s and broken links across any website
HTTP Status Checker — bulk check HTTP response codes for URL lists
JSON Schema Generator — generate JSON Schema from JSON examples
Color Contrast Checker — validate WCAG 2.1 color accessibility compliance

NVD CVE Vulnerability Search

ryanclinton/nvd-cve-vulnerability-search

NVD CVE Vulnerability Search queries the NIST National Vulnerability Database (NVD) REST API v2.0 to retrieve detailed information about Common Vulnerabilities and Exposures (CVEs). The NVD is the U.S.

Ryan Clinton

Maigret Username OSINT Search

ntriqpro/maigret-actor

Search for a username across 3000+ websites using maigret. Discover social media profiles, forums, and online accounts associated with a username.

daehwan kim

5.0

(1)

Vulnerability Exploit Probability Index

ntriqpro/first-cvss-severity-index

See how likely security vulnerabilities are to be actually exploited in the real world. Prioritize security work by real risk.

daehwan kim

Country Profile & Intelligence Analyzer

ntriqpro/domain-threat-intelligence-scorer

Get detailed country profiles with economic, political, and development data for market research and business decisions.

daehwan kim

US Government Cybersecurity Alert Monitor

ntriqpro/cisa-alert-monitor

Get daily alerts from US government cybersecurity agencies about new security threats and vulnerabilities affecting your systems.

daehwan kim

Phishing & Domain Security Detector

ntriqpro/phish-radar

Check if websites are phishing scams or legitimate. Protect yourself from malicious domains and fraud.

daehwan kim

Security Vulnerability Prioritizer - Fix First Guide

ntriqpro/cve-threat-prioritizer

Find out which security vulnerabilities are most dangerous and likely to be exploited. Know what to fix first.

daehwan kim

Cybersecurity Threat Analyzer - Vulnerabilities & Phishing

ntriqpro/cyber-threat-intelligence-mcp

Monitor security vulnerabilities, phishing campaigns, and cyber threats targeting your industry and systems.

daehwan kim

Security Vulnerability Database - Free Scanner

ntriqpro/nist-cve-vulnerability-scanner

Search for known security vulnerabilities in software. Get detailed risk information and fixes.

daehwan kim

CVE Vulnerability Monitor - NVD Daily

pink_comic/nvd-cve-vulnerability-database

Monitor the National Vulnerability Database for new CVEs daily. Schedule runs to track vulnerabilities by keyword, severity, or vendor. Get CVSS scores, descriptions, and affected products. For security teams, DevSecOps, penetration testers, and compliance. Pay per result.