Cybersecurity tool · Live NVD + CISA KEV · Edge-cached

Cybersecurity CVE Lookup

Calibrated against NVD CVSS v3.1 + v4.0, CISA Known Exploited Vulnerabilities catalog, MITRE CWE classification

Paste a CVE ID (or batch up to 10) and get CVSS scoring, CISA KEV exploitation status, CWE classification, affected products, vendor advisories, and the cybersecurity role guides that should know about it. Lookups run server-side against the National Vulnerability Database and the CISA KEV catalog.

Free. No account required. Results cached at the Vercel edge for 1 hour per CVE.

CVE ID

How cybersecurity practitioners use this

Triage during an incident. Paste the CVE you just saw in a SIEM alert. KEV status answers "is this being actively exploited" in one second.
Patch prioritization. Batch-look up the open CVEs from your scanner. KEV-flagged + CRITICAL severity are the ones that fight for the maintenance window.
Pen test planning. CWE classification + affected products tells you whether the bug is exploitable in the target's stack.
Career-development link. Each result shows which DecipherU role guide owns this class of work, so juniors can study the path that leads to handling these vulnerabilities full-time.

Common questions

Where does the data come from?

Live from the National Vulnerability Database (NVD, https://nvd.nist.gov) for the CVE record, and from the CISA Known Exploited Vulnerabilities (KEV) catalog for the active-exploitation flag. Both are public, free, no authentication required. Lookups happen server-side and are cached at the Vercel edge for 1 hour per CVE (24 hours for the KEV catalog).

What does "in CISA KEV" mean?

The CISA Known Exploited Vulnerabilities catalog lists CVEs that have been observed in active attacks against U.S. infrastructure. CISA maintains the catalog. For federal civilian agencies, KEV-listed CVEs carry a binding patch deadline (typically two weeks). For everyone else, KEV inclusion is the strongest single signal that a vulnerability is being actively exploited and should be prioritized for remediation.

Why is severity sometimes UNKNOWN?

NVD assigns CVSS scores as part of the vulnerability analysis process. Newly published CVEs sometimes appear without a CVSS score for the first 24 to 72 hours while NIST analysts work the queue. Once analysis completes, CVSS v3.1 (and increasingly v4.0) scores show up here on the next 1-hour cache refresh.

Can I look up multiple CVEs at once?

Yes, switch to Batch mode and paste up to 10 CVE IDs comma-separated. Each lookup hits NVD individually and the results are returned together. The 10-CVE cap is a polite-citizen limit on the NVD rate budget; for bulk programmatic access, request an NVD API key and use the API directly.

Are the role-guide cross-links accurate?

They're heuristic, derived from the CWE classification on each CVE. We map common CWE families (injection, auth, crypto, supply chain) to the DecipherU career guides most likely to triage that class of vulnerability. SOC Analyst is included on every result because SOC analysts triage every CVE during incident workflows.

Last verified: April 2026?Report an inaccuracy

Cybersecurity CVE Lookup

Free. No account required. Results cached at the Vercel edge for 1 hour per CVE.

How cybersecurity practitioners use this

Triage during an incident. Paste the CVE you just saw in a SIEM alert. KEV status answers "is this being actively exploited" in one second.

Patch prioritization. Batch-look up the open CVEs from your scanner. KEV-flagged + CRITICAL severity are the ones that fight for the maintenance window.

Pen test planning. CWE classification + affected products tells you whether the bug is exploitable in the target's stack.

Career-development link. Each result shows which DecipherU role guide owns this class of work, so juniors can study the path that leads to handling these vulnerabilities full-time.