{"id":13620930,"url":"https://github.com/projectdiscovery/cvemap","last_synced_at":"2025-05-14T11:09:01.712Z","repository":{"id":218732481,"uuid":"699502691","full_name":"projectdiscovery/cvemap","owner":"projectdiscovery","description":"Navigate the CVE jungle with ease.","archived":false,"fork":false,"pushed_at":"2025-04-23T14:45:53.000Z","size":2171,"stargazers_count":1988,"open_issues_count":17,"forks_count":138,"subscribers_count":24,"default_branch":"main","last_synced_at":"2025-05-08T00:45:54.686Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/projectdiscovery.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-10-02T19:02:02.000Z","updated_at":"2025-05-07T12:43:22.000Z","dependencies_parsed_at":"2024-11-18T12:38:30.008Z","dependency_job_id":"a3f3ddff-ab4c-4787-a2a6-a6b6b987d8e7","html_url":"https://github.com/projectdiscovery/cvemap","commit_stats":{"total_commits":248,"total_committers":4,"mean_commits":62.0,"dds":0.08467741935483875,"last_synced_commit":"472513fd05dc9817e29a82d055e6e39ce94a8f2c"},"previous_names":["projectdiscovery/cvemap"],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectdiscovery%2Fcvemap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectdiscovery%2Fcvemap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectdiscovery%2Fcvemap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projectdiscovery%2Fcvemap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/projectdiscovery","download_url":"https://codeload.github.com/projectdiscovery/cvemap/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254129488,"owners_count":22019628,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T21:01:00.839Z","updated_at":"2025-05-14T11:09:01.690Z","avatar_url":"https://github.com/projectdiscovery.png","language":"Go","readme":"\u003ch1 align=\"center\"\u003eCVEMap\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://opensource.org/licenses/MIT\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-MIT-_red.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://goreportcard.com/badge/github.com/projectdiscovery/cvemap\"\u003e\u003cimg src=\"https://goreportcard.com/badge/github.com/projectdiscovery/cvemap\"\u003e\u003c/a\u003e\n\u003ca href=\"https://pkg.go.dev/github.com/projectdiscovery/cvemap/pkg/cvemap\"\u003e\u003cimg src=\"https://img.shields.io/badge/go-reference-blue\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/projectdiscovery/cvemap/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/release/projectdiscovery/cvemap\"\u003e\u003c/a\u003e\n\u003ca href=\"https://twitter.com/pdiscoveryio\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/pdiscoveryio.svg?logo=twitter\"\u003e\u003c/a\u003e\n\u003ca href=\"https://discord.gg/projectdiscovery\"\u003e\u003cimg src=\"https://img.shields.io/discord/695645237418131507.svg?logo=discord\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e •\n  \u003ca href=\"#installation\"\u003eInstallation\u003c/a\u003e •\n  \u003ca href=\"#usage\"\u003eUsage\u003c/a\u003e •\n  \u003ca href=\"#examples\"\u003eExample\u003c/a\u003e •\n  \u003ca href=\"https://discord.gg/projectdiscovery\"\u003eJoin Discord\u003c/a\u003e\n\u003c/p\u003e\n\nNavigate the Common Vulnerabilities and Exposures (CVE) jungle with ease using CVEMAP, a command-line interface (CLI) tool designed to provide a structured and easily navigable interface to various vulnerability databases.\n\n   \n# Features\n\n![image](static/cvemap.png)\n\n - **CVE Dataset Search \u0026 Query**\n - **CVE to EPSS Mapping**\n - **CVE to KEV Mapping**\n - **CVE to CPE Mapping**\n - **CVE to GitHub POCs Mapping**\n - **CVE to Nuclei Template Mapping**\n - **CVE to HackerOne report Mapping**\n - Customizable Filters on CVE data\n - STDIN Input / JSONL Output\n\n\n## Installation\n\ncvemap requires **Go 1.21** to install successfully. To install, just run the below command or download pre-compiled binary from [release page](https://github.com/projectdiscovery/cvemap/releases).\n\n```console\ngo install github.com/projectdiscovery/cvemap/cmd/cvemap@latest\n```\n\n## Usage\n```console\ncvemap -h\n```\nThis will display help for the tool. Here are all the switches it supports.\n\n```console\nUsage:\n  cvemap [flags]\n\nFlags:\nCONFIG:\n   -auth  configure projectdiscovery cloud (pdcp) api key (default true)\n\nOPTIONS:\n   -id string[]                    cve to list for given id\n   -cwe, -cwe-id string[]          cve to list for given cwe id\n   -v, -vendor string[]            cve to list for given vendor\n   -p, -product string[]           cve to list for given product\n   -eproduct string[]              cves to exclude based on products\n   -s, -severity string[]          cve to list for given severity\n   -cs, -cvss-score string[]       cve to list for given cvss score\n   -c, -cpe string                 cve to list for given cpe\n   -es, -epss-score string         cve to list for given epss score\n   -ep, -epss-percentile string[]  cve to list for given epss percentile\n   -age string                     cve to list published by given age in days\n   -a, -assignee string[]          cve to list for given publisher assignee\n   -vs, -vstatus value             cve to list for given vulnerability status in cli output. supported: new, confirmed, unconfirmed, modified, rejected, unknown\n\nUPDATE:\n   -up, -update                 update cvemap to latest version\n   -duc, -disable-update-check  disable automatic cvemap update check\n\nFILTER:\n   -q, -search string  search in cve data\n   -k, -kev            display cves marked as exploitable vulnerabilities by cisa (default true)\n   -t, -template       display cves that has public nuclei templates (default true)\n   -poc                display cves that has public published poc (default true)\n   -h1, -hackerone     display cves reported on hackerone (default true)\n   -re, -remote        display remotely exploitable cves (AV:N \u0026 PR:N | PR:L) (default true)\n\nOUTPUT:\n   -f, -field value         fields to display in cli output. supported: product, vendor, assignee, age, poc, cwe, epss, vstatus, kev, template\n   -fe, -exclude value      fields to exclude from cli output. supported: product, vendor, assignee, age, poc, cwe, epss, vstatus, kev, template\n   -lsi, -list-id           list only the cve ids in the output\n   -l, -limit int           limit the number of results to display (default 50)\n   -offset int              offset the results to display\n   -j, -json                return output in json format\n   -epk, -enable-page-keys  enable page keys to navigate results\n\nDEBUG:\n   -version            Version\n   -silent             Silent\n   -verbose            Verbose\n   -debug              Debug\n   -hc, -health-check  run diagnostic check up\n```\n\n## Configuring CVEMap CLI\n\nCVEMap CLI is built on top of the CVEMap API that requires API Token from [ProjectDiscovery Cloud Platform](https://cloud.projectdiscovery.io/?ref=api_key) that can be configured using environment variable named `PDCP_API_KEY` or using interactive `-auth` option as shown below.\n\n### Using environment variable\n\n```console\nexport PDCP_API_KEY=*************\n```\n\n### Using auth option\n\n```console\ncvemap -auth\n\n\n   ______   _____  ____ ___  ____  ____\n  / ___/ | / / _ \\/ __ \\__ \\/ __ \\/ __ \\\n / /__ | |/ /  __/ / / / / / /_/ / /_/ /\n \\___/ |___/\\___/_/ /_/ /_/\\__,_/ .___/ \n                               /_/\n            \n\n    projectdiscovery.io\n\n[INF] Get your free api key by signing up at https://cloud.projectdiscovery.io\n[*] Enter PDCP API Key (exit to abort): *************\n[INF] Successfully logged in as (@user)\n```\n\n## Running CVEMap\n\nFor details about running cvemap, see https://docs.projectdiscovery.io/tools/cvemap/running.\n\n\n## Note\n\n- CVE dataset gets updated in every 6 hours.\n\n## References\n\n- **[National Vulnerability Database (NVD)](https://nvd.nist.gov/developers)**: Comprehensive CVE vulnerability data.\n- **[Known Exploited Vulnerabilities Catalog (KEV)](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)**: Exploited vulnerabilities catalog.\n- **[Exploit Prediction Scoring System (EPSS)](https://www.first.org/epss/data_stats)**: Exploit prediction scores.\n- **[HackerOne](https://hackerone.com/hacktivity/cve_discovery)**: CVE discoveries disclosure.\n- **[Nuclei Templates](https://github.com/projectdiscovery/nuclei-templates)**: Vulnerability validation templates.\n- **[Trickest CVE](https://github.com/trickest/cve) / [PoC-in-GitHub](https://github.com/nomi-sec/PoC-in-GitHub/)** GitHub Repository: Vulnerability PoCs references.\n--------\n\n\u003cdiv align=\"center\"\u003e\n\n**cvemap** is made with ❤️ by the [projectdiscovery](https://projectdiscovery.io) team and distributed under [MIT License](LICENSE).\n\n   \n\u003ca href=\"https://discord.gg/projectdiscovery\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/projectdiscovery/nuclei-burp-plugin/main/static/join-discord.png\" width=\"300\" alt=\"Join Discord\"\u003e\u003c/a\u003e","funding_links":[],"categories":["[](#table-of-contents) Table of contents","others","Go","Miscellaneous"],"sub_categories":["[](#dorkspentestvulnerabilities)Dorks/Pentest/Vulnerabilities","Uncategorized"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprojectdiscovery%2Fcvemap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprojectdiscovery%2Fcvemap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprojectdiscovery%2Fcvemap/lists"}