with one click
cveapi
CVE lookup via MITRE + NVD: severity, CVSS, affected products, refs
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Menu
CVE lookup via MITRE + NVD: severity, CVSS, affected products, refs
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
Search and download arXiv papers (no API key needed)
Delegate coding and file edits to Anthropic Claude Code CLI
Read/write Windows clipboard text, HTML, images, history (PowerShell)
Running scripts and code on Windows
Delegate coding tasks to OpenAI Codex CLI
Windows Defender: scans, threat history, signatures (PowerShell)
| name | cveapi |
| description | CVE lookup via MITRE + NVD: severity, CVSS, affected products, refs |
| category | security |
| version | 1.0.0 |
| license | Apache-2.0 |
| origin | aiden |
| tags | security, cve, vulnerability, nvd, mitre, cvss, patch, incident-response, compliance |
Look up any CVE (Common Vulnerabilities and Exposures) by ID to get severity, CVSS score, affected products, and reference links. Uses the MITRE CVE API (cveawg.mitre.org) with automatic fallback to the NVD (National Vulnerability Database) for richer data.
No API key required. Optionally set NVD_API_KEY for higher rate limits on the NVD endpoint.
$cveId = "CVE-2021-44228"
$url = "https://cveawg.mitre.org/api/cve/$cveId"
$result = Invoke-RestMethod -Uri $url
$cna = $result.containers.cna
$desc = ($cna.descriptions | Where-Object { $_.lang -eq 'en' } | Select-Object -First 1).value
$cvss = $cna.metrics | ForEach-Object {
$_.PSObject.Properties | Where-Object { $_.Name -like 'cvssV3*' } |
Select-Object -First 1 -ExpandProperty Value
} | Select-Object -First 1
Write-Host "CVE: $($result.cveMetadata.cveId)"
Write-Host "State: $($result.cveMetadata.state)"
Write-Host "Published: $($result.cveMetadata.datePublished)"
Write-Host "Score: $($cvss.baseScore) ($($cvss.baseSeverity))"
Write-Host "Description: $desc"
Write-Host "References: $(($cna.references | Select-Object -First 3 -ExpandProperty url) -join ', ')"
$cveId = "CVE-2021-44228"
$headers = @{}
if ($env:NVD_API_KEY) { $headers['apiKey'] = $env:NVD_API_KEY }
$url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=$cveId"
$result = Invoke-RestMethod -Uri $url -Headers $headers
$cve = $result.vulnerabilities[0].cve
$desc = ($cve.descriptions | Where-Object { $_.lang -eq 'en' } | Select-Object -First 1).value
$metric = $cve.metrics.cvssMetricV31[0].cvssData
Write-Host "CVE: $($cve.id)"
Write-Host "Published: $($cve.published)"
Write-Host "Score: $($metric.baseScore) ($($metric.baseSeverity))"
Write-Host "Vector: $($metric.vectorString)"
Write-Host "Desc: $($desc.Substring(0, [Math]::Min(200, $desc.Length)))..."
$cveIds = @("CVE-2021-44228", "CVE-2023-4863", "CVE-2024-3094")
foreach ($id in $cveIds) {
try {
$url = "https://cveawg.mitre.org/api/cve/$id"
$result = Invoke-RestMethod -Uri $url
$cna = $result.containers.cna
$cvss = ($cna.metrics | Where-Object { $_.PSObject.Properties.Name -like 'cvssV3*' } |
Select-Object -First 1).PSObject.Properties.Value | Select-Object -First 1
Write-Host "$id Score: $($cvss.baseScore ?? 'N/A') ($($cvss.baseSeverity ?? 'UNKNOWN'))"
} catch {
Write-Host "$id ERROR: $($_.Exception.Message)"
}
Start-Sleep -Milliseconds 200 # polite rate limiting
}
"Look up CVE-2021-44228" → Returns Log4Shell details: CVSS 10.0 CRITICAL, affects Apache Log4j 2.x.
"What's the severity of CVE-2023-4863?" → Returns WebP heap buffer overflow: CVSS 8.8 HIGH, affects Chrome/libwebp.
"Get details for CVE-2024-3094" → Returns XZ Utils backdoor: CVSS 10.0 CRITICAL, supply-chain attack.
"Is CVE-2024-12345 critical?" → Looks up and reports severity tier: CRITICAL / HIGH / MEDIUM / LOW / NONE.
NVD_API_KEYRESERVED (not yet disclosed) — the API returns limited dataNVD_API_KEY (optional) — free at https://nvd.nist.gov/developers/request-an-api-key