Searches the NIST NVD database for CVE vulnerabilities using API 2.0. Returns CVE details, CVSS scores, affected software, and references. Use when user asks about "CVE", "vulnerability database", "NIST", "NVD", "security advisory", "CVE-2024", "CVE-2023", "脆弱性", "セキュリティアドバイザリ", or wants to find known vulnerabilities for specific software.
This skill inherits all available tools. When active, it can use any tool Claude has access to.
dist/index.d.tsdist/index.d.ts.mapdist/index.jsdist/index.js.mappackage.jsonsrc/api.tssrc/cli.tssrc/formatter.tssrc/index.tssrc/types.tstsconfig.jsonSearch the National Vulnerability Database for known vulnerabilities. Every CVE you find in your target's stack is potential bounty money.
You: "They're running jQuery 3.4.1"
NVD: "CVE-2020-11023 - XSS in jQuery < 3.5.0"
You: "That's a free $500-$2,000 finding"
# Search by keyword (e.g., software name)
cd ${CLAUDE_PLUGIN_ROOT}/skills/cve-search && npx cve-search --keyword "jquery"
# Search by specific CVE ID
cd ${CLAUDE_PLUGIN_ROOT}/skills/cve-search && npx cve-search --cve "CVE-2021-44228"
# Search by CWE (find all XSS CVEs)
cd ${CLAUDE_PLUGIN_ROOT}/skills/cve-search && npx cve-search --cwe "CWE-79"
# Search by severity
cd ${CLAUDE_PLUGIN_ROOT}/skills/cve-search && npx cve-search --keyword "apache" --severity "CRITICAL"
# Recent CVEs (last 30 days)
cd ${CLAUDE_PLUGIN_ROOT}/skills/cve-search && npx cve-search --keyword "wordpress" --days 30
# JSON output
cd ${CLAUDE_PLUGIN_ROOT}/skills/cve-search && npx cve-search --keyword "react" --json
| Parameter | Description | Example |
|---|---|---|
--keyword | Search term (software, vendor) | --keyword "react" |
--cve | Specific CVE ID | --cve "CVE-2023-12345" |
--cwe | CWE ID filter | --cwe "CWE-89" |
--severity | CVSS v3 severity | --severity "HIGH" |
--days | Published in last N days | --days 90 |
--limit | Max results (default 10) | --limit 20 |
| Severity | CVSS Score | Bounty Potential |
|---|---|---|
| CRITICAL | 9.0 - 10.0 | $5,000 - $50,000+ |
| HIGH | 7.0 - 8.9 | $2,000 - $10,000 |
| MEDIUM | 4.0 - 6.9 | $500 - $3,000 |
| LOW | 0.1 - 3.9 | $100 - $500 |
### CVE-2021-44228 (Log4Shell) 💰💰💰
**Severity**: CRITICAL (10.0)
**Bounty Estimate**: $10,000 - $50,000+
**Summary**:
Apache Log4j2 allows RCE via JNDI lookup in log messages...
**Affected Versions**:
- Apache Log4j 2.0-beta9 to 2.14.1
**CWE**: CWE-502 (Deserialization of Untrusted Data)
**Attack Vector**:
- Network exploitable
- No authentication required
- User interaction: None
**References**:
- https://nvd.nist.gov/vuln/detail/CVE-2021-44228
- https://logging.apache.org/log4j/2.x/security.html
**Exploit Available**: Yes (public exploits exist)
The script automatically handles rate limiting with delays.
# Check JavaScript libraries
curl -s target.com | grep -oE '(jquery|react|angular|vue)[^"]*\.js'
# Check response headers
curl -I target.com | grep -i 'x-powered-by\|server'
# Then search for CVEs
npx cve-search --keyword "nginx 1.18"
# Log4j (still paying out)
npx cve-search --cve "CVE-2021-44228"
# Spring4Shell
npx cve-search --cve "CVE-2022-22965"
# Recent critical CVEs
npx cve-search --severity "CRITICAL" --days 90
# Find all SQL injection CVEs
npx cve-search --cwe "CWE-89" --keyword "wordpress"
# Find all XSS CVEs for jQuery
npx cve-search --cwe "CWE-79" --keyword "jquery"
| Field | Description |
|---|---|
id | CVE identifier |
description | Vulnerability summary |
severity | CRITICAL/HIGH/MEDIUM/LOW |
score | CVSS v3 base score |
cwes | Related CWE identifiers |
affected | Affected software/versions |
references | Links to advisories/patches |
published | Publication date |
exploitAvailable | Whether public exploit exists |