Skip to content
Community

Open Vulnerability Database

Query 150+ sources across CVEs, exploits, advisories, and malware feeds. 
One API. Every identifier format. Always current.

$ brew install vulnetix/tap/vulnetix
curl, go install, scoop, nix →
Get Started API Reference
Powered by OpenAPI 3.1
🔒 www.vulnetix.com/vdb
Vulnetix VDB Search — querying CVE-2025-43698
Click to try the live vulnerability search

Built for Your Agents, Terminal, and Your CI

Search across all identifier formats — CVE, GHSA, PYSEC, RUSTSEC, and more. Get exploit data, fix advisories, scoring metrics, and remediation plans from a single query. JSON output, piping, scripting — the VDB fits your existing toolchain, not the other way around.

  • CLI
  • REST API
  • JSON output
  • CI/CD pipelines
  • 78+ ID formats
  • OpenAPI

VDB command reference →

Intelligence Coverage

Intelligence Sources

Aggregated, normalised, and enriched from 150+ authoritative sources. Every record is tagged with its origin, linked to upstream advisories, and queryable by any identifier.

Vulnerability Authorities

23 sources

Normalised records from every major vulnerability database and numbering authority worldwide.

Government & National Cyber Defence

16 sources

Advisories from 14+ national CERTs and government cybersecurity agencies.

Vendor & Product Security

24 sources

Consolidated vendor intelligence with structured affected-product data.

Supply Chain & Malware Detection

9 sources

Malicious package detection across typosquatting, dependency confusion, and backdoored code.

Exploit Intelligence

21 sources

Exploit availability, PoC code, framework modules, and weaponisation status.

Threat Observation & Research

9 sources

Live exploitation signals from honeypots, scanning infrastructure, and research communities.

Ecosystem & Patch Intelligence

47 sources

Patch availability across 30+ distributions and ecosystems with version-specific fix tracking.

Browse all sources →

NEW

VDB intelligence inside your AI agent

Works with 41+ Agents that support SKILLS.md — Claude Code, Cursor, Windsurf, and more. One install, zero context-switching.

$ npx skills add Vulnetix/pix-ai-coding-assistant
Plugin documentation →

Vulnerability Intelligence in your Coding Agent

The Vulnetix Claude Code plugin brings VDB queries directly into your development flow. Look up a CVE, check exploit status, or get remediation guidance without switching context. Works through the MCP server protocol — same endpoints, same data, zero context-switching.

  • Works with 41+ agents that support SKILLS.md
  • Claude Code, Cursor, Windsurf, and more
  • Inline vuln lookups
  • Exploit status checks
  • Remediation guidance
  • Fix version lookups

Plugin documentation →

Security That Respects the Developer Flow

Not another fire drill. Not another ticket that says “critical” because a scanner said so. When a security engineer brings a vulnerability to a developer, it should be backed by data — exploit intelligence, EPSS probability, KEV status, SSVC prioritisation — not anxiety.

Drop-tools moments should be rare, researched, and respected. The VDB gives security teams the evidence to make that call with confidence, and developers the context to understand why this one actually matters.

  • Exploit Prediction scoring
  • Decision Tree prioritisation
  • 3x Known Exploited Vulnerabilty databases
  • Exploit weaponisation and real usage
  • Fix/Patch analysis

Learn about prioritisation →

Start Free, Scale When You’re Ready

The Community tier gives you full access to aggregated vulnerability data with a free API key. When your team needs higher rate limits, proprietary enrichment, or enterprise integrations — upgrade to Pro.

Get free API key View plans & pricing
GitHub API Docs CLI Docs Claude Code Plugin Docs OpenAPI Spec Vulnetix Platform Get API Key Terms of Service