Pricing

from $1.00 / 1,000 results

CVE-to-PoC Mapper

Maps CVEs to publicly available Proof-of-Concept code. Scrapes GitHub, ExploitDB, and NVD to answer: is there a working exploit, which versions are affected, and is a patch available?

Pricing

from $1.00 / 1,000 results

Rating

0.0

(0)

Developer

Sreenivasan S

Actor stats

Bookmarked

Total users

Monthly active users

4 days ago

Last modified

What does CVE-to-PoC Mapper do?

CVE-to-PoC Mapper maps CVE identifiers to publicly available Proof-of-Concept code in seconds. Give it a CVE ID (like CVE-2024-6387) and it automatically searches GitHub, ExploitDB, and the NVD (National Vulnerability Database) to answer three critical questions:

Is there a working exploit? - Finds PoC repositories on GitHub and published exploits on ExploitDB
Which versions are affected? - Extracts affected product and version ranges from NVD CPE data
Is a patch available? - Collects vendor advisories and patch links

Built on the Apify platform, you get API access, scheduling, proxy rotation, and monitoring without managing infrastructure. Run it once, or schedule it to monitor new CVEs as they're published.

Why use CVE-to-PoC Mapper?

For security researchers and red teams: Stop manually searching GitHub and ExploitDB for every CVE. One API call gives you the full picture.

For blue teams and SOC analysts: When a new critical CVE drops, instantly know if public exploit code exists and which of your systems are in the affected version range.

For threat intelligence platforms: Integrate CVE enrichment into your pipelines via the Apify API. Enrich alerts with PoC availability and CVSS data automatically.

How to use CVE-to-PoC Mapper

Create a free Apify account at console.apify.com
Open CVE-to-PoC Mapper in the Apify Store
Go to the Input tab and enter your CVE IDs
Click Start and wait a few seconds
Download results from the Output tab in JSON, CSV, Excel, or HTML

You can also call it programmatically via the Apify API for integration into your existing tools.

Input

The actor accepts a JSON object with these fields:

Field	Type	Required	Default	Description
`cveIds`	string[]	Yes	-	List of CVE IDs to look up (e.g. `["CVE-2024-6387"]`)
`maxGitHubResults`	integer	No	10	Max GitHub repos to return per CVE (1-100)
`includeGitHub`	boolean	No	true	Search GitHub for PoC repositories
`includeExploitDb`	boolean	No	true	Search ExploitDB for published exploits
`githubToken`	string	No	-	GitHub PAT for higher API rate limits
`nvdApiKey`	string	No	-	NVD API key for higher rate limits

Example input:

{
  "cveIds": ["CVE-2024-6387", "CVE-2024-3094", "CVE-2021-44228"],
  "maxGitHubResults": 5,
  "includeGitHub": true,
  "includeExploitDb": true
}

Output

The actor returns an array of CVE result objects. You can download the dataset in various formats such as JSON, HTML, CSV, or Excel.

{
  "cveId": "CVE-2024-6387",
  "description": "A security regression (CVE-2006-5051) was discovered in OpenSSH's server...",
  "cvssScore": 8.1,
  "severity": "HIGH",
  "cweIds": ["CWE-364", "CWE-362"],
  "affectedProducts": [
    {
      "vendor": "openbsd",
      "product": "openssh",
      "versionStart": null,
      "versionEnd": "9.8p1",
      "versionStartIncluding": false,
      "versionEndExcluding": true
    }
  ],
  "patchUrls": ["https://www.openssh.com/releasenotes.html"],
  "nvdUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-6387",
  "publishedDate": "2024-07-01T13:15:06.467",
  "lastModifiedDate": "2025-09-30T13:52:23.540",
  "githubPocUrls": [
    {
      "repoUrl": "https://github.com/xaitax/CVE-2024-6387_Check",
      "repoName": "xaitax/CVE-2024-6387_Check",
      "description": "CVE-2024-6387 (regreSSHion) vulnerability checker",
      "stars": 523,
      "lastUpdated": "2024-07-15T00:00:00Z",
      "isArchived": false
    }
  ],
  "exploitDbResults": [
    {
      "edbId": "51234",
      "title": "OpenSSH 9.8p1 - Remote Code Execution (RCE)",
      "author": "researcher",
      "type": "remote",
      "platform": "Linux",
      "exploitUrl": "https://www.exploit-db.com/exploits/51234"
    }
  ],
  "scrapedAt": "2026-05-07T16:00:00.000Z",
  "errors": []
}

Data table

Field	Description
`cveId`	The CVE identifier
`cvssScore`	CVSS v3.1 base score (0-10, null if unavailable)
`severity`	Severity level (CRITICAL, HIGH, MEDIUM, LOW, or null)
`description`	English vulnerability description from NVD
`cweIds`	CWE weakness identifiers (e.g. CWE-362)
`affectedProducts`	Array of affected vendor/product/version ranges (from CPE)
`patchUrls`	Vendor advisory and patch URLs
`nvdUrl`	Direct link to NVD detail page
`githubPocUrls`	GitHub repositories matching the CVE (name, URL, stars, description)
`exploitDbResults`	ExploitDB entries matching the CVE (EDB-ID, title, type, platform, author)
`publishedDate`	CVE publication date
`lastModifiedDate`	CVE last modification date
`scrapedAt`	Timestamp when this lookup was performed
`errors`	Non-fatal errors encountered during lookup (empty array = clean run)

Pricing / Cost estimation

CVE-to-PoC Mapper uses Apify's pay-per-event pricing model.

$3 per 1,000 results. A single CVE lookup typically generates 3-10 results (NVD base + GitHub repos + ExploitDB entries), costing approximately $0.01-0.03 per CVE.

Apify offers a free tier for low-volume usage. Check the Apify Console for your current usage and billing details.

Tips

Speed up runs: Set includeExploitDb: false if you only need GitHub PoCs. This skips browser automation and cuts runtime by ~50%.
Batch efficiently: Process up to 10 CVEs per run. Each CVE takes ~5s with ExploitDB enabled or ~2s with NVD + GitHub only.
Rate limits: Add a githubToken (free personal access token from GitHub) to increase GitHub search API limits from 10/min to 30/min.
NVD API key: Request a free key from nvd.nist.gov for higher NVD API rate limits on large batches.
Automate monitoring: Use Apify Schedules to re-scan CVEs daily and catch newly published PoCs.

FAQ, disclaimers, and support

Is this legal? Yes. The actor only scrapes publicly available data from NVD (US government database), GitHub (public repositories), and ExploitDB (public exploit database). It respects rate limits and does not access private or authentication-walled content.

What CVEs are supported? Any CVE published in the NVD. The actor validates CVE ID format (CVE-YYYY-NNNNN) automatically and skips invalid IDs.

Are the exploits safe to use? The actor maps CVEs to PoC URLs only. It does not execute, validate, or endorse any exploit code. Always exercise caution when running third-party exploit code.

ExploitDB returned 0 results for my CVE - why? Not all CVEs have ExploitDB entries. ExploitDB contains a curated set of published exploits, not a complete mapping of all CVEs.

Getting help: For bugs, feature requests, or questions, open an issue on the GitHub repository or use the Issues tab in Apify Console.

Custom solutions: Need a custom version with additional data sources (Metasploit, Shodan, Censys) or batch processing of hundreds of CVEs? Contact the developer through the Apify Store.

Built with Crawlee + Playwright by Sreeniverse.

NVD CVE Vulnerability Search

ryanclinton/nvd-cve-vulnerability-search

NVD CVE Vulnerability Search queries the NIST National Vulnerability Database (NVD) REST API v2.0 to retrieve detailed information about Common Vulnerabilities and Exposures (CVEs). The NVD is the U.S.

Ryan Clinton

NVD CVE Vulnerability Crawler

jungle_synthesizer/nvd-cve-crawler

Crawl 250K+ CVE records from the NIST National Vulnerability Database. Extract CVSS v3.1 scores, severity ratings, attack vectors, affected products (CPE), CWE weaknesses, and exploit/patch status. Filter by keyword, severity, vendor, and date range.

BowTiedRaccoon

Patch Usa News Scraper

runtime/patch-usa-news-scraper

A robust web scraper to extract news articles from patch.com. This actor is designed to crawl patch.com and extract comprehensive article data including titles, authors, publish dates, content, and images.

scraping automation

CVE Vulnerability Scraper

cloud9_ai/cve-scraper

Search and extract CVE vulnerability data from NIST NVD. Get CVSS scores, affected products, and references. No API key required.

cloud9

CVE Intelligence MCP - Updated

red.cars/cve-intelligence-mcp

CVE vulnerability intelligence for AI agents — NVD data, CVSS scoring, affected software, and vulnerability trend analysis.

AutomateLab

NIST NVD CVE Vulnerability Database Scraper

compute-edge/nist-nvd-scraper

Search and extract CVE vulnerability data from the NIST National Vulnerability Database (NVD) API 2.0. Filter by keyword, CVSS severity, publication date, and modification date. Returns flattened CVE records with CVSS scores, CWE IDs, references, and affected products.

Compute Edge

CVE Vulnerability Monitor - NVD Daily

pink_comic/nvd-cve-vulnerability-database

Monitor the National Vulnerability Database for new CVEs daily. Schedule runs to track vulnerabilities by keyword, severity, or vendor. Get CVSS scores, descriptions, and affected products. For security teams, DevSecOps, penetration testers, and compliance. Pay per result.

Ava Torres

CVE Search MCP Server

vulnv/cve-search

Model Context Protocol (MCP) server for searching and retrieving CVE (Common Vulnerabilities and Exposures) information from the CVE-Search API. Provides tools to search CVEs by vendor, product, CVE ID, and get latest vulnerabilities with CAPEC, CWE and CPE expansions.

VulnV

Etsy Poc Spider

getdataforme/etsy-poc-spider

Etsy Poc Spider is an Apify Actor that efficiently scrapes comprehensive Etsy shop data, including owner details, locations, descriptions, and social media links. Perfect for market research, competitive intelligence, and business automation....