CVEDB

CVE vulnerability lookup

🔐 SecurityUNMONITORED
AUTH NONECORS AGENT ?HTTPS COMMERCIAL ?

Shodan CVEDB provides fast CVE metadata lookups as JSON.

HOW IT'S SCORED ⓘ
Status badge · for your READMEshipapis health badge: — · unmonitored
ON PROBE SCHEDULE

We probe a documented GET and expect 2xx JSON — full uptime and health score. Open provider docs ↗

Uptime historystarts after first probe

On our probe schedule. Uptime charts appear after the first check lands.

Example responsefrom provider docs — not verified by us
GET https://cvedb.shodan.io/healthz

{
  "status": "healthy"
}
Call itcurl · fetch · python
curl "https://cvedb.shodan.io/healthz"
const res = await fetch("https://cvedb.shodan.io/healthz");
const data = await res.json();
console.log(data);
import requests

res = requests.get("https://cvedb.shodan.io/healthz")
print(res.json())

BROWSER CALLS BLOCKED (NO CORS/HTTPS) — USE THE CURL SNIPPET

Endpoints · 6On scheduleFULL DOCS ↗
On schedule — GET /healthz awaits first probe
GET/healthzPROBED

CVE vulnerability lookup

GET/ping

Lightweight ping endpoint.

GET/status

Service status metadata.

GET/cve/{cve_id}

Info

GET/euvd/{euvd_id}

Info

GET/cpes

Info

Machine-readable spec

We probe a documented GET and expect 2xx JSON — full uptime and health score. Export includes every documented route below.

Response-shape history

Not tracked yet. Shape-change history starts once this API joins our probe schedule.

CVEDB: common questions

Is CVEDB free to use?

Yes — CVEDB is a free security API. Free tier: Free — limits not published. Whether the free tier allows commercial use is unclear — check the provider docs.

Does CVEDB need an API key?

No — CVEDB needs no API key or signup. You can call it straight away; rate limits still apply (Unpublished).

Can I call CVEDB from the browser?

Not directly — CVEDB doesn't send browser-friendly CORS headers, so call it from a server or proxy instead. Copy the curl or Python snippet on this page to get started.

Is CVEDB up right now?

CVEDB is catalogued but not yet on our probe schedule, so we don't publish a live status for it. Check the provider's own status page or docs for its current state.