TOOLS / CVE LOOKUP
CVE Lookup
Enter any CVE ID. We query the NIST NVD database and link to our coverage if we've written about it.
What it does
The Common Vulnerabilities and Exposures (CVE) system is the canonical reference for security defects in commercial software. Each CVE ID maps to a unique vulnerability with details on affected products, exploitability, and severity. Our CVE Lookup queries the official NIST National Vulnerability Database (NVD) and combines those details with our own research articles — so when you check a CVE here, you get both the technical record and our analysis of how attackers are exploiting it in the wild.
How to use it
- Enter a CVE ID in the format CVE-YYYY-NNNN (e.g. CVE-2026-0300).
- Click "Look up" — results return in under a second (cached for 7 days).
- Read the CVSS v3.1 base score and severity tier to gauge urgency.
- Check the "Affected products" section to see which vendors and product versions are vulnerable.
- Scroll to "Our coverage" — if we’ve written about this CVE, those posts include defense-in-depth detection and detection-engineering guidance.
Common use cases
SOC triage
When a new CVE drops in your SIEM’s threat feed, paste it here for instant context: severity, attack vector, whether it requires privileges, and which of your installed products are affected.
Patch prioritization
Filter your monthly patch list by checking each CVE’s CVSS score and exploitability metrics. Critical (9.0+) with network attack vector and no user interaction goes first.
Incident response
When a breach disclosure mentions a CVE chain (e.g. "exploited CVE-2024-3400 and CVE-2026-0300"), look up each to understand the full attack path.
Compliance reporting
For PCI/ISO/SOC2 vulnerability management evidence, export the NVD details for any CVE in your scope.
Frequently asked questions
What is a CVE? +
CVE stands for Common Vulnerabilities and Exposures. It’s a global identifier system maintained by MITRE for publicly known software vulnerabilities. Each CVE has a unique ID in the format CVE-YYYY-NNNN.
How is CVSS severity calculated? +
CVSS (Common Vulnerability Scoring System) scores a vulnerability from 0.0 to 10.0 based on metrics like attack vector, complexity, privileges required, user interaction, and impact on confidentiality, integrity, and availability. Scores ≥ 9.0 are CRITICAL, 7.0–8.9 HIGH, 4.0–6.9 MEDIUM, 0.1–3.9 LOW.
Why does the lookup say "not found"? +
Either the CVE ID is mistyped, the CVE was rejected/withdrawn after assignment, or it’s a reserved ID that hasn’t been published yet. Some CVEs are filed but not disclosed publicly for embargo reasons.
How fresh is the data? +
We cache NVD responses for 7 days. For breaking-news CVEs where exploitation status changes hourly, refer to the CISA KEV catalog or vendor advisories.
Can I look up CVEs in bulk? +
Not yet via this UI. A bulk-lookup endpoint is on our roadmap. For now, query each CVE individually or use the NVD API directly with our linked references.
Related tools
Phishing URL Checker
URLhaus + Safe Browsing + 7-indicator heuristic engine. Safe to use on suspicious links.
Hash Reputation Checker
MalwareBazaar + VirusTotal cross-check. Drag a file in — hashed locally in your browser.
IP Reputation Lookup
AbuseIPDB abuse score + ipinfo geo + Tor exit-node detection. IPv4 and IPv6.
Related coverage on Ciphers Security
- YARA-X 1.16.0: Faster Scans, Panic Fixes, and Neovim LSP Support
- MacSync Stealer: Hackers Abuse Google Ads and Claude.ai Chats to Push Mac Malware
- JDownloader Site Hacked, Installers Swapped with Python RAT Malware
- Twelve Critical vm2 Node.js Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
- Canvas LMS Breach Escalates: 275M Records, 9,000 Schools, May 12 Ransom Deadline
Free for everyone, no signup required. Tool runs at /tools/cve-lookup/ — bookmark or share.