cvedb-py
CLI client for Shodan's CVEDB API - fast vulnerability lookups using CVE IDs and CPE 2.3 identifiers.
Package name: cvedb-py
CLI command: cvedb
Installation
uv sync
uv run cvedb --help
System-wide install:
make install
Usage
# Look up a specific CVE
cvedb cve CVE-2021-44228
# Search CVEs by product
cvedb cves -p nginx
cvedb cves -p nginx --kev --sort-epss # KEV only, sorted by EPSS
# Search CVEs by CPE
cvedb cves -c "cpe:2.3:a:apache:log4j:2.14.1"
# List CPEs for a product
cvedb cpes wordpress
cvedb cpes woocommerce --count
# Output formats
cvedb cves -p nginx -f json # JSON output
cvedb cves -p nginx -f tsv # TSV output
cvedb cves -p nginx | head # auto-TSV when piping
Commands
cve <CVE-ID>
Look up a specific CVE by ID.
cves
Search CVEs by product name or CPE 2.3 identifier.
| Option | Description |
|---|---|
-p, --product |
Product name to search |
-c, --cpe |
CPE 2.3 identifier |
-k, --kev |
Only CISA KEV entries |
-e, --sort-epss |
Sort by EPSS score |
-s, --start |
Start date (YYYY-MM-DD) |
--end |
End date (YYYY-MM-DD) |
-l, --limit |
Max results (default: 25) |
-L, --no-limit |
Fetch all results |
--skip |
Skip N results |
--count |
Only show count |
-f, --format |
Output format: table, json, tsv |
cpes <PRODUCT>
List CPE 2.3 identifiers for a product.
| Option | Description |
|---|---|
-l, --limit |
Max results (default: 25) |
-L, --no-limit |
Fetch all results |
--skip |
Skip N results |
--count |
Only show count |
-f, --format |
Output format: table, json, tsv |
Output Formats
table- Rich formatted table (default for TTY)tsv- Tab-separated values (default when piping)json- JSON output
API
- Source: NVD (National Vulnerability Database)
- Updates: Daily at midnight UTC
- Auth: None required (free for non-commercial use)
- Docs: https://cvedb.shodan.io/docs
License
MIT