Need an API to fetch vulnerability information? The CVEDB API is optimized for fast vulnerability lookups by CVE or product. It is sourced from NVD and updated daily at midnight UTC. Below is a sample response from the API:
$ curl https://cvedb.shodan.io/cve/CVE-2025-8960 | jq{ "cve_id": "CVE-2025-8960", "summary": "A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.", "cvss": 7.3, "cvss_version": 3, "cvss_v2": 7.5, "cvss_v3": 7.3, "epss": 0.00032, "ranking_epss": 0.07151, "kev": false, "propose_action": null, "ransomware_campaign": null, "references": [ "https://vuldb.com/?ctiid.319952", "https://vuldb.com/?id.319952", "https://vuldb.com/?submit.627900", "https://www.campcodes.com/", "https://www.yuque.com/yuqueyonghuvrsrwv/dhlxlu/ykgg3tumuaefd0ft#vulnerability-details-and-poc", "https://www.yuque.com/yuqueyonghuvrsrwv/dhlxlu/ykgg3tumuaefd0ft?singleDoc" ], "published_time": "2025-08-14T12:15:26", "cpes": [ "cpe:2.3:a:campcodes:online_flight_booking_management_system:1.0" ]}The response includes the available CVSS scores, references, whether or not it's in the CISA KEV as well as the EPSS value to assess the likelyhood of exploitation.
A downloadable SQLite version of CVEDB is available to Enterprise customers.