Search CVEs instantly and access detailed vulnerability info, CVSS scores, and official security advisories.
CVE-2021-44228 (Log4Shell) or CVE-2014-0160 (Heartbleed)
Search for any Common Vulnerabilities and Exposures (CVE) identifier
See how Zecurit Endpoint Manager helps you deploy updates faster and reduce risk.
Our CVE lookup tool connects directly to the National Vulnerability Database (NVD) to provide accurate, up-to-date vulnerability information from the official NIST repository.
Search any CVE identifier and get instant access to the latest vulnerability details, including descriptions, severity scores, and affected systems.
View comprehensive Common Vulnerability Scoring System (CVSS) metrics including base scores, severity ratings, and attack complexity assessments.
Access official security advisories, patches, and mitigation guidance from vendors, security researchers, and CERT organizations.
Use our CVE lookup tool as much as you need. No registration, no API limits, completely free for security professionals and IT teams.
Search CVE identifiers on any device with our responsive design. Perfect for quick vulnerability checks during incident response.
Common Vulnerabilities and Exposures (CVE) is a standardized identifier system for publicly known cybersecurity vulnerabilities. Each CVE ID uniquely identifies a specific vulnerability in software, hardware, or firmware.
Format: CVE-YEAR-NUMBER
Example: CVE-2024-12345
Year: The year the CVE was assigned
Number: Unique sequential identifier (4+ digits)
Critical (9.0-10.0): Extremely dangerous vulnerabilities requiring immediate patching
High (7.0-8.9): Serious vulnerabilities that should be prioritized for patching
Medium (4.0-6.9): Moderate risk vulnerabilities requiring timely remediation
Low (0.1-3.9): Lower risk vulnerabilities with limited impact
None (0.0): Informational entries with no direct security impact
Vulnerability Management: Track and prioritize security patches across your infrastructure
Compliance Requirements: Meet regulatory requirements for vulnerability tracking and reporting
Incident Response: Quickly research CVEs during security incidents and breach investigations
Risk Assessment: Evaluate the severity and impact of vulnerabilities affecting your systems
Security Research: Stay informed about emerging threats and vulnerability trends
Critical remote code execution vulnerability in Apache Log4j logging library. CVSS Score: 10.0. Affected millions of Java applications worldwide.
Critical information disclosure vulnerability in OpenSSL. CVSS Score: 7.5. Exposed sensitive data from web servers globally.
Critical remote code execution in Microsoft SMB. CVSS Score: 8.1. Exploited by WannaCry and NotPetya ransomware attacks.
Critical Windows Print Spooler vulnerability allowing remote code execution. CVSS Score: 8.8. Required urgent patching across Windows environments.
Critical Remote Desktop Protocol vulnerability in Windows. CVSS Score: 9.8. Wormable exploit affecting legacy Windows systems.
Scan your infrastructure regularly for known CVEs
Subscribe to security advisories for products you use
Implement automated vulnerability scanning tools
Maintain an inventory of software versions across your environment
Focus first on Critical and High severity CVEs
Consider exploitability and public exploit availability
Evaluate business impact of affected systems
Implement emergency patching procedures for zero-days
Identify: Use CVE lookup to research newly disclosed vulnerabilities
Assess: Determine if your systems are affected
Prioritize: Rank vulnerabilities by CVSS score and business impact
Remediate: Apply patches, workarounds, or mitigations
Verify: Confirm vulnerabilities are properly addressed
Document: Maintain records for compliance and auditing
Monitor NVD and security mailing lists
Follow vendor security advisories
Join security communities and forums
Use threat intelligence feeds for emerging CVEs
The National Vulnerability Database is the U.S. government repository of standards-based vulnerability management data maintained by NIST. It provides comprehensive CVE information including severity scores, impact ratings, and fix information.
New CVEs are typically added to the NVD within hours to days of public disclosure. Our tool queries the live NVD API to ensure you always get the most current vulnerability information available.
CVE (Common Vulnerabilities and Exposures) is the identifier system that assigns unique IDs to vulnerabilities. CVSS (Common Vulnerability Scoring System) is the scoring framework that rates the severity and impact of those vulnerabilities on a scale of 0-10.
Yes! Our CVE lookup tool is perfect for security compliance reporting, vulnerability management programs, and audit documentation. Export or screenshot CVE details for inclusion in security reports and compliance documentation.
If your CVE search returns no results, verify the CVE ID format is correct (CVE-YYYY-NNNNN). The CVE may not exist, might be reserved but not yet published, or could be too new to appear in the NVD database.
Security teams should monitor new CVE disclosures daily, especially for critical infrastructure components. Subscribe to vendor security bulletins and use automated tools to track CVEs affecting your specific software and hardware.
After identifying a critical CVE affecting your systems: verify the vulnerability, check vendor advisories for patches or workarounds, assess business impact, implement mitigations immediately, test patches in non-production environments, and deploy fixes according to your change management process.
Yes, once assigned, CVE IDs are permanent and never reused. This ensures consistent tracking and reference across the entire security industry, even if vulnerability details are updated over time.