## Simple NIST NVD API wrapper library
<img src="docs/source/logo.png" width=300 style="padding-right:15px">
**NVDlib** is a Python library that allows you to interface with the [NIST National Vulnerability Database](https://nvd.nist.gov/) (NVD), pull vulnerabilities (CVEs), and [Common Platform Enumeration](https://nvd.nist.gov/products/cpe) (CPEs) into easily accessible objects.
[](https://pypi.org/project/nvdlib/)
[](https://nvdlib.readthedocs.io/en/latest/?badge=latest)
---
### Features
- Search the NVD for CVEs using all parameters allowed by the NVD API (recently updated to utilize version 2 of the API). Including search criteria such as CVE publish and modification date, keywords, severity, score, or CPE name.
- Search CPE names by keywords, CPE match strings, or modification dates. Then pull the CVE ID's that are relevant to those CPEs.
- Retrieve details on individual CVEs, their relevant CPE names, and more.
- Built in rate limiting according to [NIST NVD recommendations](https://nvd.nist.gov/developers/start-here). <br> Get an API key (https://nvd.nist.gov/developers/request-an-api-key) to allow for a delay argument to be passed. Otherwise it is 6 seconds between requests by default.
### Install
```bash
$ pip install nvdlib
```
### Demo
```python
>>> import nvdlib
>>> r = nvdlib.searchCVE(cveId='CVE-2021-26855')[0]
>>> print(r.v31severity + ' - ' + str(r.v31score))
CRITICAL - 9.8
>>> print(r.descriptions[0].value)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412,
CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
>>> print(r.v31vector)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
```
### Development
Run the tests with
```bash
$ pip install -e '.[dev]'
$ pytest
```
### Documentation
https://nvdlib.com
#### More information
This is my first attempt at creating a library while utilizing all my Python experience from classes to functions.
For more information on the NIST NVD API for CPE and CVEs, see the documentation here:
https://nvd.nist.gov/General/News/New-NVD-CVE-CPE-API-and-SOAP-Retirement
---
This product uses data from the NVD API but is not endorsed or certified by the NVD.
Raw data
{
"_id": null,
"home_page": "https://github.com/Vehemont/nvdlib/",
"name": "nvdlib",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.11.0",
"maintainer_email": null,
"keywords": null,
"author": "Vehemont",
"author_email": "brad@nvdlib.com",
"download_url": null,
"platform": null,
"description": "## Simple NIST NVD API wrapper library\n\n<img src=\"docs/source/logo.png\" width=300 style=\"padding-right:15px\">\n\n**NVDlib** is a Python library that allows you to interface with the [NIST National Vulnerability Database](https://nvd.nist.gov/) (NVD), pull vulnerabilities (CVEs), and [Common Platform Enumeration](https://nvd.nist.gov/products/cpe) (CPEs) into easily accessible objects.\n\n \n[](https://pypi.org/project/nvdlib/)\n[](https://nvdlib.readthedocs.io/en/latest/?badge=latest)\n\n---\n\n### Features\n\n- Search the NVD for CVEs using all parameters allowed by the NVD API (recently updated to utilize version 2 of the API). Including search criteria such as CVE publish and modification date, keywords, severity, score, or CPE name.\n- Search CPE names by keywords, CPE match strings, or modification dates. Then pull the CVE ID's that are relevant to those CPEs. \n- Retrieve details on individual CVEs, their relevant CPE names, and more.\n- Built in rate limiting according to [NIST NVD recommendations](https://nvd.nist.gov/developers/start-here). <br> Get an API key (https://nvd.nist.gov/developers/request-an-api-key) to allow for a delay argument to be passed. Otherwise it is 6 seconds between requests by default.\n\n### Install\n```bash\n$ pip install nvdlib\n```\n\n\n### Demo\n```python\n>>> import nvdlib\n>>> r = nvdlib.searchCVE(cveId='CVE-2021-26855')[0]\n>>> print(r.v31severity + ' - ' + str(r.v31score))\nCRITICAL - 9.8\n>>> print(r.descriptions[0].value)\nMicrosoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, \nCVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.\n>>> print(r.v31vector)\nCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H \n```\n\n\n### Development\n\nRun the tests with\n\n```bash\n$ pip install -e '.[dev]'\n$ pytest\n```\n\n### Documentation\n\nhttps://nvdlib.com\n\n#### More information\n\nThis is my first attempt at creating a library while utilizing all my Python experience from classes to functions.\n\nFor more information on the NIST NVD API for CPE and CVEs, see the documentation here: \nhttps://nvd.nist.gov/General/News/New-NVD-CVE-CPE-API-and-SOAP-Retirement\n\n---\n\nThis product uses data from the NVD API but is not endorsed or certified by the NVD.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "National Vulnerability Database CPE/CVE API Library for Python",
"version": "0.8.3",
"project_urls": {
"Homepage": "https://github.com/Vehemont/nvdlib/"
},
"split_keywords": [],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "33de83a5f47eda31fc5471efe2ab2431be0a0d0856d1ac50b9721e7bc086015e",
"md5": "ceefde5365c7942d2814c06795f6030f",
"sha256": "ba9df19942351353da5f3aa9ae9e106bbacd505a89d72d15c49f94d822690128"
},
"downloads": -1,
"filename": "nvdlib-0.8.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "ceefde5365c7942d2814c06795f6030f",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.11.0",
"size": 15318,
"upload_time": "2025-08-06T21:16:14",
"upload_time_iso_8601": "2025-08-06T21:16:14.662515Z",
"url": "https://files.pythonhosted.org/packages/33/de/83a5f47eda31fc5471efe2ab2431be0a0d0856d1ac50b9721e7bc086015e/nvdlib-0.8.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-08-06 21:16:14",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Vehemont",
"github_project": "nvdlib",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [
{
"name": "requests",
"specs": [
[
">=",
"2.24.0"
]
]
}
],
"lcname": "nvdlib"
}
JSON
