Files
wehub-resource-sync 9b395f5cc3
Build Chrome Extension / build (push) Waiting to run
Trigger Website Rebuild (Docs Updated) / dispatch (push) Waiting to run
E2E Headed Chrome / e2e-headed (macos-15) (push) Has been cancelled
E2E Headed Chrome / e2e-headed (ubuntu-latest) (push) Has been cancelled
E2E Headed Chrome / e2e-headed (windows-latest) (push) Has been cancelled
CI / build (macos-latest) (push) Has been cancelled
CI / build (ubuntu-latest) (push) Has been cancelled
CI / build (windows-latest) (push) Has been cancelled
CI / unit-test (push) Has been cancelled
CI / bun-test (push) Has been cancelled
CI / adapter-test (push) Has been cancelled
CI / smoke-test (macos-latest) (push) Has been cancelled
CI / smoke-test (ubuntu-latest) (push) Has been cancelled
Security Audit / audit (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:39:48 +08:00

1.9 KiB
Raw Permalink Blame History

NVD (NIST National Vulnerability Database)

Mode: 🌐 Public · Domain: services.nvd.nist.gov

Fetch a single CVE record from the NIST National Vulnerability Database via the public CVE 2.0 API.

Commands

Command Description
opencli nvd cve <id> Fetch a CVE detail (description, CVSS, CWE, KEV flag)

Usage Examples

# Log4Shell
opencli nvd cve CVE-2021-44228

# Heartbleed
opencli nvd cve CVE-2014-0160

# JSON output for downstream tooling
opencli nvd cve CVE-2021-44228 -f json

Output Columns

Column Description
id Canonical CVE id
published First published date (YYYY-MM-DD)
lastModified Last modified date (YYYY-MM-DD)
vulnStatus NVD analysis status (e.g. Analyzed, Awaiting Analysis)
baseScore CVSS base score (numeric, 010)
severity CVSS severity (CRITICAL / HIGH / MEDIUM / LOW / NONE)
attackVector CVSS attack vector (NETWORK / LOCAL / PHYSICAL / ADJACENT)
cwe Comma-separated CWE id(s)
kevAdded CISA KEV (Known Exploited Vulnerabilities) date if present
description English description
url Canonical NVD detail URL

Options

Option Description
id (positional) CVE identifier (CVE-YYYY-N…, case-insensitive). Validated upfront.

Caveats

  • The CVE id is validated against ^CVE-\d{4}-\d{4,}$; bad input raises ArgumentError.
  • CVSS columns prefer v3.1, fall back to v3.0, then v2 if neither v3 record is present.
  • NVD enforces aggressive rate limits without an API key. HTTP 403 and HTTP 429 both surface as typed CommandExecutionError with a retry hint.
  • Empty / unanalyzed records (no CVSS payload) leave baseScore / severity / attackVector as null / empty rather than fabricating defaults.

Prerequisites

  • No browser required — uses services.nvd.nist.gov/rest/json/cves/2.0.