NVD Vulnerability Scraper
Pricing
from $3.00 / 1,000 results
Scrape the NIST National Vulnerability Database (NVD) - the U.S. government repository of CVE records, CVSS scores, CWE classifications, and Known Exploited Vulnerabilities (KEV). Search by keyword, lookup by CVE ID, filter by severity, date range, or CWE weakness.
Developer
Crawler Bros
Maintained by Community
Extract CVE (Common Vulnerabilities and Exposures) records from the NIST National Vulnerability Database (NVD) — the U.S. government's authoritative repository of vulnerability management data, used by security teams, DevSecOps engineers, and threat intelligence analysts worldwide.
No API key required. All data is freely available from NIST.
What is the NVD?
The National Vulnerability Database is maintained by NIST (National Institute of Standards and Technology) and provides:
- CVE records for 250,000+ known vulnerabilities
- CVSS scores (v2, v3.x) measuring vulnerability severity
- CWE classifications for weakness types (SQL injection, XSS, buffer overflow, etc.)
- CPE data listing affected products and versions
- CISA KEV catalog — Known Exploited Vulnerabilities being actively targeted
Use Cases
- Security operations — Monitor for new critical CVEs affecting your stack
- Vulnerability management — Prioritize patching by CVSS score and KEV status
- Threat intelligence — Research CVEs affecting specific vendors or products
- Compliance reporting — Generate CVE reports for audits and regulatory requirements
- DevSecOps — Integrate vulnerability feeds into CI/CD pipelines
- Research — Analyze vulnerability trends, CWE distributions, and exploit patterns
Input
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| mode | Select | Yes | latestCVEs | Scraping mode (see Modes section) |
| searchQuery | String | For search | log4j | Keyword to search CVEs |
| cveId | String | For byCveId | CVE-2021-44228 | Exact CVE ID to fetch |
| severity | Select | No | (all) | CVSS v3 severity: LOW/MEDIUM/HIGH/CRITICAL |
| cvssMinScore | Number | No | — | Minimum CVSS v3 score (0.0–10.0) |
| cvssMaxScore | Number | No | — | Maximum CVSS v3 score (0.0–10.0) |
| dateRangeFrom | String | For byDateRange | — | Start date (ISO 8601, e.g. 2024-01-01) |
| dateRangeTo | String | For byDateRange | — | End date (ISO 8601, e.g. 2024-12-31) |
| cweId | String | No | — | Filter by CWE ID (e.g. CWE-79, CWE-89) |
| isKnownExploited | Boolean | No | false | Only KEV-listed vulnerabilities |
| maxItems | Integer | No | 50 | Maximum records to return (1–2000) |
Modes
| Mode | Description |
|---|---|
| latestCVEs | Most recently added/modified CVEs (default) |
| search | Search CVEs by keyword |
| byCveId | Fetch a single CVE by exact ID |
| bySeverity | Browse CVEs filtered by CVSS severity level |
| byDateRange | CVEs published in a specific date range |
Output
Each CVE record contains:
| Field | Type | Description |
|---|---|---|
| cveId | String | CVE identifier (e.g. CVE-2021-44228) |
| description | String | Full English vulnerability description |
| status | String | NVD analysis status (Analyzed, Modified, etc.) |
| severity | String | CVSS v3 severity (LOW/MEDIUM/HIGH/CRITICAL) |
| cvssV3Score | Number | CVSS v3 base score (0.0–10.0) |
| cvssV3Vector | String | CVSS v3 vector string |
| cvssV2Score | Number | CVSS v2 base score (0.0–10.0) |
| publishedDate | String | NVD publication timestamp |
| lastModifiedDate | String | Last modification timestamp |
| weaknesses | Array | CWE IDs (e.g. ["CWE-917", "CWE-502"]) |
| affectedProducts | Array | CPE strings for affected products/versions |
| references | Array | URLs to advisories, patches, and write-ups |
| patchAvailable | Boolean | True if any reference has a "Patch" tag |
| isKnownExploited | Boolean | True if in CISA KEV catalog |
| kevExploitAddDate | String | Date added to KEV catalog |
| kevRequiredAction | String | CISA-required remediation action |
| kevVulnerabilityName | String | CISA's descriptive name for the vulnerability |
| sourceUrl | String | NVD detail page URL |
| scrapedAt | String | UTC timestamp of data extraction |
| recordType | String | Always vulnerability |
Sample Output
```json
{
  "cveId": "CVE-2021-44228",
  "description": "Apache Log4j2 2.0-beta9 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.",
  "status": "Analyzed",
  "severity": "CRITICAL",
  "cvssV3Score": 10.0,
  "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "cvssV2Score": 9.3,
  "publishedDate": "2021-12-10T10:15:09.143",
  "lastModifiedDate": "2024-01-21T02:15:07.687",
  "weaknesses": ["CWE-917", "CWE-502"],
  "affectedProducts": ["cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*"],
  "references": [
    "https://logging.apache.org/log4j/2.x/security.html",
    "https://github.com/apache/logging-log4j2/releases/tag/rel%2F2.15.0"
  ],
  "patchAvailable": true,
  "isKnownExploited": true,
  "kevExploitAddDate": "2021-12-10",
  "kevRequiredAction": "Apply updates per vendor instructions.",
  "kevVulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability",
  "sourceUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
  "scrapedAt": "2026-06-01T12:00:00+00:00",
  "recordType": "vulnerability"
}
```
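One way to turn records in this output schema into a patching queue, as an added example that is not the actor's own code. The tier policy (KEV first, then CVSS bands, unscored records held for review) and the `CVE-0000-*` sample records are assumptions constructed for illustration.

```python
# Constructed sample in the actor's output schema. Only CVE-2021-44228 comes
# from the page; the CVE-0000-* IDs and their values are placeholders.
SAMPLE = [
    {"cveId": "CVE-0000-0004", "cvssV3Score": 5.3, "patchAvailable": True},
    {"cveId": "CVE-0000-0002", "cvssV3Score": None, "cvssV2Score": None},
    {"cveId": "CVE-0000-0001", "cvssV3Score": 9.8, "patchAvailable": False},
    {"cveId": "CVE-0000-0005", "cvssV3Score": 6.1, "isKnownExploited": True,
     "kevRequiredAction": "Apply updates per vendor instructions."},
    {"cveId": "CVE-0000-0003", "cvssV3Score": None, "cvssV2Score": 7.5},
    {"cveId": "CVE-2021-44228", "cvssV3Score": 10.0, "cvssV2Score": 9.3,
     "patchAvailable": True, "isKnownExploited": True,
     "kevRequiredAction": "Apply updates per vendor instructions."},
]


def base_score(rec):
    """CVSS v3 base score, falling back to v2; None when the record is unscored."""
    for field in ("cvssV3Score", "cvssV2Score"):
        score = rec.get(field)
        if isinstance(score, (int, float)):
            return float(score)
    return None


def tier(rec):
    """Assumed policy: 0 = KEV-listed, 1 = critical (>= 9.0),
    2 = high (>= 7.0) or unscored, 3 = everything else."""
    if rec.get("isKnownExploited"):
        return 0  # exploited in the wild outranks any score
    score = base_score(rec)
    if score is None:
        return 2  # no score yet: review by hand instead of treating as low
    return 1 if score >= 9.0 else 2 if score >= 7.0 else 3


def triage(records):
    """Return one row per record, ordered by tier, then score (highest first)."""
    rows = [{"cveId": r["cveId"], "tier": tier(r), "score": base_score(r),
             "patchAvailable": bool(r.get("patchAvailable")),
             "action": r.get("kevRequiredAction")} for r in records]
    rows.sort(key=lambda row: (row["tier"], -(row["score"] or 0.0), row["cveId"]))
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```
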
FAQs
Do I need an API key?
No. The NVD API is publicly accessible without authentication. Without an API key, requests are rate-limited to approximately 5 requests per 30 seconds. The actor handles this automatically with appropriate delays.
What is CVSS?
The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. Scores range from 0.0 (none) to 10.0 (critical). CVSS v3.x is the current standard; the actor extracts v3.1, v3.0, and v2 scores.
What is KEV?
CISA's Known Exploited Vulnerabilities (KEV) catalog lists CVEs that are actively being exploited in the wild. These represent the highest-priority vulnerabilities to patch. Use isKnownExploited=true to focus on these.
What is CWE?
Common Weakness Enumeration (CWE) is a category system for software weaknesses. Examples: CWE-79 (Cross-site Scripting), CWE-89 (SQL Injection), CWE-120 (Buffer Overflow). Use cweId to filter by weakness type.
How do I find CVEs for a specific product?
Use mode=search with the product name as the keyword (e.g. openssl, apache httpd, windows rdp). For more precise results, use the full CPE name in your search.
What is the maximum date range I can query?
NVD API allows date ranges up to 120 days per request for historical queries. For larger ranges, run multiple actor calls with sequential date windows.
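The sequential windows described above can be generated as follows; this is an added example, not the actor's own code. It assumes both dates are inclusive, and the helper names `date_windows`, `actor_inputs` and `merge_runs` are hypothetical.

```python
from datetime import date, timedelta

MAX_WINDOW_DAYS = 120  # per-request limit stated in the FAQ above


def date_windows(start, end, max_days=MAX_WINDOW_DAYS):
    """Split [start, end] (ISO dates, both inclusive) into consecutive,
    non-overlapping windows of at most max_days calendar days each."""
    first, last = date.fromisoformat(start), date.fromisoformat(end)
    if first > last:
        raise ValueError("dateRangeFrom is after dateRangeTo")
    windows = []
    cursor = first
    while cursor <= last:
        window_end = min(cursor + timedelta(days=max_days - 1), last)
        windows.append((cursor.isoformat(), window_end.isoformat()))
        cursor = window_end + timedelta(days=1)  # next window starts the day after
    return windows


def actor_inputs(start, end, **filters):
    """One byDateRange input object per window; filters such as severity,
    cweId or isKnownExploited are copied into every call."""
    return [
        {"mode": "byDateRange", "dateRangeFrom": a, "dateRangeTo": b, **filters}
        for a, b in date_windows(start, end)
    ]


def merge_runs(runs):
    """Combine the record lists of several runs, keeping one record per cveId
    (the one with the newest lastModifiedDate), so a CVE returned by two
    windows or by a re-run is not counted twice."""
    newest = {}
    for records in runs:
        for rec in records:
            seen = newest.get(rec["cveId"])
            if seen is None or rec["lastModifiedDate"] > seen["lastModifiedDate"]:
                newest[rec["cveId"]] = rec
    return sorted(newest.values(), key=lambda r: r["publishedDate"])
```
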
How fresh is the data?
The NVD is updated continuously. New CVEs are typically published within days of their CNA (CVE Numbering Authority) submission. Use mode=latestCVEs to get the most recently added records.
Can I filter by both severity and CWE?
Yes. All filters can be combined: set severity=CRITICAL and cweId=CWE-79 to find critical-severity XSS vulnerabilities.