Command Reference
vuln
Look up a vulnerability by CVE, GHSA, or other identifier. Returns severity, CVSS scores, EPSS, CWE, and KEV status.
vuln CVE-2021-44228 vuln GHSA-5jpm-x58v-3fvq
exploits
Retrieve exploit intelligence for a vulnerability. Lists ExploitDB, Metasploit, GitHub PoCs, and other exploit sources.
exploits CVE-2021-44228
fixes
Get patch availability and remediation guidance for a CVE.
fixes CVE-2024-38816
packages
Search for packages and assess vulnerability risk. Find safe versions and identify malicious packages.
packages search log4j packages npm lodash
timeline
View the publication and disclosure timeline for a vulnerability — NVD publish date, exploit availability, patch dates.
timeline CVE-2021-44228
scorecard
OpenSSF Scorecard for open source projects — security health scoring across maintenance, reviews, CI, and more.
scorecard github.com/apache/log4j
gcve
Look up Google Cloud Vulnerability Enrichment data for a CVE.
gcve CVE-2021-44228
snort-rules
Retrieve Snort IDS/IPS rules for network-level detection of vulnerability exploitation.
snort-rules CVE-2021-44228
Example Queries
vuln CVE-2021-44228 # CVE-2021-44228 · Log4Shell # Severity CRITICAL · CVSS 10.0 · EPSS 0.975 # CWE-502: Deserialization of Untrusted Data # 18 exploits mapped · KEV listed · SSVC: Act exploits CVE-2021-44228 # 18 exploits mapped across 6 sources # ExploitDB · Metasploit · GitHub PoCs · NVD · OSV · VulDB # First exploit published: 2021-12-10 packages search log4j # pkg:maven/org.apache.logging.log4j/log4j-core # Vulnerable ≤ 2.14.1 · Safe ≥ 2.17.1 # 3 malware packages blocked in this namespace
Access Tiers
- Unauthenticated (Community) — 100 queries / week, no sign-up
- Free API key — 10,000 queries / week, no credit card
- Pro ($25/mo) — 120 requests / minute, usage dashboard, priority support
- Enterprise — Custom limits, SLA, data residency
Integration Options
- REST API — Full OpenAPI spec
- CLI — CLI documentation
- AI Coding Agents — SKILLS.md guide ·
npx skills add Vulnetix/pix-ai-coding-assistant