National Vulnerability Database
APIOfficial U.S. government API for vulnerability data
Overview
The National Vulnerability Database (NVD) API provides structured JSON feeds for CVE (Common Vulnerabilities and Exposures) data, including vulnerability details, CVSS scores, impact metrics, and patch information. Endpoints support access to recent vulnerabilities, historical datasets, and specific CVE entries. Ideal for integrating into security tools, vulnerability scanners, patch management systems, and threat intelligence platforms to automate monitoring, assess risk, and ensure compliance.
Example Integration (JavaScript)
fetch('https://nvd.nist.gov/vuln/Data-Feeds/JSON-feed-changelog')
.then(res => res.json())
.then(data => console.log(data))
.catch(err => console.error(err)); Key Features
- RESTful
- JSON support
- No Auth required
- CVE data with CVSS scores
- Historical vulnerability datasets
Frequently Asked Questions
? Is the National Vulnerability Database API free to use?
Yes, the NVD API is completely free for public use with no subscription required.
? Does it require an API Key?
No, the NVD JSON feeds do not require an API key for access.
? What is the response format?
The API provides data exclusively in JSON format, including vulnerability metadata, CVSS scores, and impact assessments.
Top Alternatives
People Also Ask about National Vulnerability Database
Tool Info
Pros
- ⊕ Free official government data
- ⊕ Comprehensive CVE details
- ⊕ No authentication needed
- ⊕ Structured JSON for easy parsing
Cons
- ⊖ Rate-limited access
- ⊖ Large feed sizes
- ⊖ Periodic updates (not real-time)