CVEDB API - Fast Vulnerability Lookups

The CVEDB API offers a quick way to check information about vulnerabilities in a service. You can search using either the CVE-ID or CPE23.

View API Docs View Dashboard

Last Updated:

Newest Vulnerabilities?

Here is a compilation of the most recent vulnerabilities impacting various products.
CVE ID Affected Products
                        {
    "cve": "CVE-2016-10087",
    "summary": "The png_set_text_2 function in libpng 0.71
    before 1.0.67, 1.2.x before 1.2.57, 1.4.x
    before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27
    allows context-dependent attackers to cause a NULL
    pointer dereference vectors involving loading a text chunk
    into a png structure, removing the text, and
    then adding another text chunk to the structure.",
    "cvss": 7.5,
    "cvss_version": 3,
    "cvss_v2": 5,
    "cvss_v3": 7.5,
    "epss": 0.01091,
    "ranking_epss": 0.8392,
    "kev": true,
    "propose_action": "Apply updates per vendor instructions.",
    "ransomware_campaign": "Unknown",
    "references": [
        "http://www.securityfocus.com/bid/95157",
        "http://www.openwall.com/lists/oss-security/2016/12/29/2",
        "http://www.openwall.com/lists/oss-security/2016/12/30/4",
        ...
    ],
    "published_time": "2017-01-30T22:59:00",
    "cpes": [
        "cpe:2.3:a:libpng:libpng:1.0.2",
        "cpe:2.3:a:libpng:libpng:1.5.4",
        "cpe:2.3:a:libpng:libpng:1.0.5t",
        "cpe:2.3:a:libpng:libpng:1.0.5s",
        ...
    ]
}
                    

Frequently Asked Questions

  • How much does it cost?
    It's free for non-commercial use! If you're using the CVEDB API to make money, then you need an enterprise license.
  • How often is it updated?
    The API gets updated every day.
  • Do I need a Shodan API key?
    No, you don't need to have a Shodan account or a Shodan API key in order to use the CVEDB API.

Examples

Quickly check vulnerability:
 
~$
curl https://cvedb.shodan.io/cve/CVE-2016-10087
~$
curl https://cvedb.shodan.io/cves?cpe23=cpe:2.3:a:libpng:libpng:0.8

Use the requests Python library to lookup a vulnerability:
                        import requests

# Searching vulnerability information with a specific CVE-ID
CVE_ID = "CVE-2016-10087"
cve = requests.get(f"https://cvedb.shodan.io/cve/{CVE_ID}").json()

# Searching all vulnerabilities with a specific CPE23
CPE23 = "cpe:2.3:a:libpng:libpng:0.8"
cves = requests.get(f"https://cvedb.shodan.io/cves?cpe23={CPE23}").json()
                    

Insight Data

  •  
    # Accessing the newest Vulnerabilities
    ~$
    curl https://cvedb.shodan.io/cves
  •  
    # Accessing specific Vulnerability Details
    ~$
    curl https://cvedb.shodan.io/cve/CVE-2016-10087
  •  
    # Identifying Known Exploited Vulnerabilities
    ~$
    curl https://cvedb.shodan.io/cves?is_kev=true
  •  
    # Discovering the Highest EPSS Scores
    ~$
    curl https://cvedb.shodan.io/cves?sort_by_epss=true
  •  
    # Retrieving CPE 2.3 Dictionary by Product
    ~$
    curl https://cvedb.shodan.io/cpes?product=macos
  •  
    # Filtering Vulnerabilities by Timestamp
    ~$
    curl https://cvedb.shodan.io/cves?start_date=2023-01-01&end_date=2023-12-31
  •  
    # Searching Vulnerabilities by CPE 2.3
    ~$
    curl https://cvedb.shodan.io/cves?cpe23=cpe:2.3:a:libpng:libpng:0.8
  •  
    # Searching Vulnerabilities by Product
    ~$
    curl https://cvedb.shodan.io/cves?product=php


  • Contact Us

    Shodan ® - All rights reserved