DuckIntel / Security Tools
Search the NIST National Vulnerability Database by CVE ID or keyword. Shows CVSS scores, severity, affected products, patch availability, and CISA KEV status.
The CVE Lookup tool searches the NIST National Vulnerability Database (NVD) by CVE identifier or keyword. Enter a CVE ID like CVE-2024-12345 or search by software name to get CVSS v3.1 base scores, severity ratings, affected CPE products, references, patch availability, and CISA Known Exploited Vulnerabilities (KEV) status.
Vulnerability management is a core responsibility for any security team. When a vendor releases a patch or a threat actor starts exploiting a vulnerability, analysts need to quickly assess the risk — how severe is it, what systems are affected, and is it being actively exploited in the wild? The NIST NVD is the authoritative source for this information, and this tool puts it directly in your browser without requiring an API key or account.
The CISA KEV badge is especially important. When CISA adds a CVE to its Known Exploited Vulnerabilities catalog, it means the vulnerability is actively being used by threat actors against real organizations. CISA-KEV vulnerabilities have mandatory remediation deadlines for US federal agencies, and security teams across all sectors treat them as highest priority. The CVE Lookup tool highlights KEV status prominently so you never miss it.
Related tools
CVSS CalculatorThreat Intelligence FeedThreat DashboardIOC Bulk Scanner
Part of DuckIntel.io — 59 free browser-based security tools for SOC analysts. No login. No tracking. 100% client-side.