Vulnerability Database gives you searchable access to the full CVE catalog — every publicly disclosed security vulnerability, with CVSS severity scores, affected software versions, CWE weakness classifications, and links to official advisories. Look up a specific CVE, search by software name, or pull a daily feed of newly published vulnerabilities.
Security teams need this kind of access without building their own data pipeline. Whether you're auditing a dependency list, investigating a reported issue, or running daily threat briefings, this tool turns the full CVE catalog into something you can query conversationally.
What you can do
- search_vulnerabilities — find CVEs by keyword: software name, library, version, or vulnerability type like "remote code execution"
- cve_details — get the full record for a specific CVE ID, including CVSS vector, affected software, CWE type, and reference links
- recent_vulnerabilities — pull CVEs published in the last N days (default 7), ideal for daily threat monitoring
Who it's for
Security researchers investigating specific software or dependencies. DevSecOps engineers auditing packages in a build pipeline. IT teams responding to disclosed vulnerabilities in their stack. Developers checking whether a library they use has known issues before shipping.
How to use it
- Use search_vulnerabilities with a software name or version to find relevant CVEs
- Use cve_details with a specific CVE ID (e.g. CVE-2021-44228) to get the full technical record
- Use recent_vulnerabilities with days set to 1 for a daily briefing of new advisories
- Filter results by severity — focus on CRITICAL and HIGH for most auditing tasks
Getting started
All three skills are ready to use without any setup. Start with search_vulnerabilities and the name of the software or library you want to audit.
