Search for Common Vulnerabilities and Exposures (CVEs) by ID (e.g., CVE-2024-1086) or by product name (e.g., OpenSSL, Apache Tomcat). Get detailed vulnerability information including severity scores, affected software versions, and references. Use when the user wants to look up CVE information, check if a product has known vulnerabilities, or research security issues.
Installation
After installing, this skill will be available to your AI coding assistant.
Verify installation:
npx agent-skills-cli list
Skill Instructions
name: cve-lookup
description: Search for Common Vulnerabilities and Exposures (CVEs) by ID (e.g., CVE-2024-1086) or by product name (e.g., OpenSSL, Apache Tomcat). Get detailed vulnerability information including severity scores, affected software versions, and references. Use when the user wants to look up CVE information, check if a product has known vulnerabilities, or research security issues.
CVE Vulnerability Lookup
Search for Common Vulnerabilities and Exposures (CVEs) with detailed information including severity scores, affected software, and references.
Usage
npx tsx scripts/lookup.ts [cve-id | --product <name>] [options]
Arguments
| Argument | Required | Description |
|---|---|---|
| cve-id | No* | Search by CVE ID (e.g., CVE-2024-1086) |
| --product | No* | Search for CVEs affecting a product |
*Either cve-id or --product must be provided
Options
| Option | Description |
|---|---|
| --no-cache | Bypass cache and fetch fresh data |
| --limit=<n> | Limit results for product search (default: 10) |
Output
CVE ID Search Output:
📋 CVE-2024-1086
Severity: HIGH (7.8)
Published: 2024-01-15 12:30
Modified: 2024-01-20 08:45
Summary:
A buffer overflow vulnerability in Linux kernel network stack...
CVSS v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Software:
1. Linux Kernel - Versions 5.15 to 6.6, 6.7-rc1 to 6.7
Versions: 5.15.0, 5.16.0, 6.0.0, 6.1.0, 6.2.0 ... and 15 more
Weaknesses: CWE-120 (Buffer Copy without Checking Size of Input)
References:
1. https://nvd.nist.gov/vuln/detail/CVE-2024-1086
2. https://www.cisa.gov/news-events/alerts/2024/01/15/...
3. https://github.com/advisories/GHSA-...
Quick Start
npx tsx scripts/lookup.ts CVE-2024-1086
npx tsx scripts/lookup.ts --product OpenSSL
npx tsx scripts/lookup.ts --product "Apache Struts" --limit 20
Run from the cve-search plugin directory: ~/.claude/plugins/cache/cve-search/
Data Sources
The skill uses OpenCVE API as the primary data source:
- OpenCVE: Lightweight, JSON-based CVE database
- Coverage: Official CVE list with detailed metadata
- Update frequency: Synchronized with official CVE feeds
- No authentication: Public API, free to use
How It Works
CVE ID Lookup
When searching by CVE ID (e.g., CVE-2024-1086):
- Queries OpenCVE API with exact CVE identifier
- Returns complete vulnerability details
- Shows severity, CVSS score, affected products, and references
- Results cached for 24 hours
Product Search
When searching by product name (e.g., --product OpenSSL):
- Queries OpenCVE API with product search
- Returns matching CVEs (limited to specified count)
- Shows all vulnerabilities affecting that product
- Useful for identifying software risks
Output Format
Product Search Output
Searching for CVEs affecting "OpenSSL"...
Found 12 CVE(s):
📋 CVE-2023-6129
Severity: HIGH (7.5)
Published: 2023-11-28 12:00
Summary: PKCS #7 Signature Verification Bypass...
[truncated]
📋 CVE-2023-5678
Severity: MEDIUM (5.3)
...
API Response Format
OpenCVE Response Structure
{
  "results": [
    {
      "cveid": "CVE-2024-1086",
      "summary": "Buffer overflow in kernel network stack",
      "severity": "HIGH",
      "cvss": 7.8,
      "cvss_v3": {
        "score": 7.8,
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
      },
      "created_at": "2024-01-15T12:30:00Z",
      "updated_at": "2024-01-20T08:45:00Z",
      "vendors": [
        {
          "name": "linux",
          "product": "Linux Kernel",
          "versions": ["5.15.0", "5.16.0", "6.0.0", ...]
        }
      ],
      "references": ["https://nvd.nist.gov/...", "..."],
      "cwe": ["CWE-120"]
    }
  ]
}
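As an added example (not the skill's own code), the TypeScript below treats a record in the structure above as untrusted input: it checks the CVE ID format, checks that the severity label agrees with the CVSS v3.x rating band for the score, and strips control characters and non-https references before anything is displayed. `validateRecord`, `sanitize`, `ratingFor` and the sample record are assumptions made for illustration.

```typescript
// Added example: field names follow the response structure shown on this page;
// the checks and function names are assumptions, not the skill's code.
interface CveRecord {
  cveid: string; summary: string; severity: string;
  cvss_v3?: { score: number; vector: string };
  references: string[];
}

// CVE IDs are "CVE-", a 4-digit year, then a sequence of 4 or more digits.
const CVE_ID = /^CVE-\d{4}-\d{4,}$/;

// CVSS v3.x qualitative rating bands.
function ratingFor(score: number): string {
  if (score === 0) return "NONE";
  if (score < 4) return "LOW";
  if (score < 7) return "MEDIUM";
  if (score < 9) return "HIGH";
  return "CRITICAL";
}

// Returns a list of problems; an empty list means the record passed.
function validateRecord(r: CveRecord): string[] {
  const problems: string[] = [];
  if (!CVE_ID.test(r.cveid)) problems.push("malformed CVE ID");
  const v3 = r.cvss_v3;
  if (v3) {
    if (!(v3.score >= 0 && v3.score <= 10)) problems.push("score out of range");
    else if (ratingFor(v3.score) !== r.severity.toUpperCase())
      problems.push("severity label does not match CVSS score");
    if (!/^CVSS:3\.[01]\//.test(v3.vector)) problems.push("unexpected vector prefix");
  }
  return problems;
}

// Replace control characters (including ESC) so a summary cannot carry
// terminal escape sequences, and keep only https references.
function sanitize(r: CveRecord): CveRecord {
  const summary = r.summary.replace(/[\u0000-\u001f\u007f-\u009f]/g, " ").trim();
  const references = r.references.filter((u) => /^https:\/\/\S+$/.test(u));
  return { ...r, summary, references };
}

// Constructed sample: an escape sequence in the summary, one non-https reference.
const sample: CveRecord = {
  cveid: "CVE-2024-1086",
  summary: "Buffer overflow in kernel\u001b[2J network stack",
  severity: "HIGH",
  cvss_v3: { score: 7.8, vector: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" },
  references: ["https://nvd.nist.gov/vuln/detail/CVE-2024-1086", "ftp://example.invalid/advisory"],
};
```

A record that fails `validateRecord` is better surfaced with its problems than silently displayed, since a mismatched severity label can skew triage.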
Use Cases
Security Audit
Check if deployed software has known vulnerabilities:
npx tsx scripts/lookup.ts --product "Apache Tomcat" --limit 50
Incident Response
Quickly look up a CVE mentioned in an alert:
npx tsx scripts/lookup.ts CVE-2024-1234
Dependency Scanning
Verify your project dependencies for known issues:
npx tsx scripts/lookup.ts --product "jQuery" --limit 20
Vulnerability Assessment
Research a specific vulnerability before patching:
npx tsx scripts/lookup.ts CVE-2024-1086 --no-cache
Caching
Results are cached for 24 hours by default. CVE information doesn't change frequently, so caching significantly improves performance.
Use --no-cache when:
- You need the latest CVE information
- Recently patched vulnerabilities may not be in cache
- Doing a fresh security assessment
Limitations
- Search coverage: Depends on OpenCVE's database (generally comprehensive for official CVE list)
- Real-time updates: Cached for 24 hours (use --no-cache for fresh data)
- Product name matching: Uses substring search (may return unrelated CVEs)
- Rate limiting: OpenCVE API has rate limits (automatic backoff implemented)
- Detailed info: Some older CVEs may have incomplete metadata
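The substring-matching and incomplete-metadata limitations above can be handled after the search. This added example (not the skill's own code) keeps only hits whose `vendors[].product` equals the product you actually run and classifies each against an installed version; the function names, the sample hits and their placeholder CVE IDs are constructed for illustration.

```typescript
// Added example, not the skill's code. Field names follow the response
// structure shown on this page; function names and sample data are assumptions.
interface Vendor { name: string; product: string; versions: string[] }
interface Hit { cveid: string; vendors: Vendor[] }
type Verdict = "affected" | "not-listed" | "unknown";

// Case-, whitespace- and separator-insensitive product key.
const norm = (s: string): string => s.trim().toLowerCase().replace(/[\s_-]+/g, " ");

// Classify one search hit against an exact product name and installed version.
// Returns null when the hit matched the search string only by substring.
function classify(hit: Hit, product: string, installed: string): Verdict | null {
  const entries = hit.vendors.filter((v) => norm(v.product) === norm(product));
  if (entries.length === 0) return null; // unrelated product
  const versions: string[] = [];
  for (const e of entries) versions.push(...e.versions);
  // An empty list is incomplete metadata, not evidence of safety.
  if (versions.length === 0) return "unknown";
  // "not-listed" still deserves a look: version lists can be incomplete.
  return versions.indexOf(installed) !== -1 ? "affected" : "not-listed";
}

// Map CVE ID -> verdict for every hit that is really about `product`.
function triage(hits: Hit[], product: string, installed: string): Record<string, Verdict> {
  const out: Record<string, Verdict> = {};
  for (const h of hits) {
    const v = classify(h, product, installed);
    if (v !== null) out[h.cveid] = v;
  }
  return out;
}

// Constructed results for a substring search on "Apache"; IDs are placeholders.
const hits: Hit[] = [
  { cveid: "CVE-0000-0001", vendors: [{ name: "apache", product: "Apache HTTP Server", versions: ["2.4.1", "2.4.2"] }] },
  { cveid: "CVE-0000-0002", vendors: [{ name: "apache", product: "Apache Tomcat", versions: ["9.0.1"] }] },
  { cveid: "CVE-0000-0003", vendors: [{ name: "apache", product: "apache_http_server", versions: [] }] },
  { cveid: "CVE-0000-0004", vendors: [{ name: "apache", product: "Apache HTTP Server", versions: ["2.2.0"] }] },
];

const result = triage(hits, "Apache HTTP Server", "2.4.2");
```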
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Success (CVE found or search completed) |
| 1 | CVE not found or error occurred |
Examples
Find a specific vulnerability
npx tsx scripts/lookup.ts CVE-2024-1086
# Returns full details of the Linux kernel buffer overflow
Search for vulnerabilities in OpenSSL
npx tsx scripts/lookup.ts --product OpenSSL
# Returns up to 10 OpenSSL CVEs
Get all recent Django vulnerabilities
npx tsx scripts/lookup.ts --product "Django" --limit 30
# Returns up to 30 Django-related CVEs
Fresh lookup bypassing cache
npx tsx scripts/lookup.ts CVE-2024-1234 --no-cache
# Fetches latest data from OpenCVE API
Related Skills
- Use with version checking tools to identify if your installed version is vulnerable
- Combine with security scanning tools for comprehensive vulnerability assessment
- Cross-reference with GitHub Advisories for ecosystem-specific information
Troubleshooting
"CVE not found"
- CVE may not yet be in the public database
- Try with --no-cache to check latest database
- Verify CVE ID format: CVE-YYYY-NNNNN
No results for product search
- Product name may not match database naming
- Try alternate names (e.g., "Apache HTTP Server" vs "Apache")
- Check OpenCVE documentation for correct product names
Rate limit error
- Wait a moment and retry
- Use cached results from previous queries
- Limit number of simultaneous requests
