How do I search for a specific CVE vulnerability?

You can search by CVE ID by running the lookup script followed by the identifier, for example: npx tsx scripts/lookup.ts CVE-2024-1086.

Can I check all vulnerabilities for a specific software product?

Yes, use the --product flag followed by the product name, such as 'OpenSSL' or 'Apache Tomcat', to list all matching vulnerabilities.

Where does the vulnerability data come from?

The skill utilizes the OpenCVE API, which aggregates data from official CVE feeds and the NIST National Vulnerability Database.

How do I ensure I am seeing the most recent security data?

While the skill caches results for 24 hours to improve speed, you can use the --no-cache flag to bypass the cache and fetch fresh data from the API.

Is an API key required to use CVE lookup?

No, this skill uses the public OpenCVE API which does not require authentication, making it ready to use immediately after installation.

CVE Vulnerability Lookup

Name: CVE Vulnerability Lookup
Author: Mearman

byMearman

•

보안 및 테스팅

Retrieves detailed information about Common Vulnerabilities and Exposures (CVEs) and affected software versions directly within your development environment.

The CVE Vulnerability Lookup skill enables developers and security researchers to perform rapid security assessments by querying the OpenCVE database. It provides comprehensive metadata for specific vulnerability IDs or entire product lines, including CVSS severity scores, affected version ranges, and direct links to mitigation references. This tool is essential for identifying risks in project dependencies, conducting security audits, and streamlining incident response workflows without leaving the terminal.

주요 기능

01Discover all known CVEs affecting a particular software product or vendor

02Local 24-hour caching system with a manual bypass for real-time updates

03Search for specific vulnerabilities using standard CVE identifiers

04View detailed CVSS v3.1 severity scores and impact vectors

05Identify specific software version ranges impacted by security flaws

062 GitHub stars

사용 사례

01Verifying the security posture of third-party dependencies before integration

02Researching remediation steps and references during active incident response

03Auditing production software stacks for known security vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mearman/marketplace cve-lookup

For use in Claude.ai and ChatGPT

Download Skill