Search Guide

How to find vulnerabilities, exploits, and PoC code across 346,361 CVEs and 78,817 exploits.

Basic Search

Type any keyword in the search box and hit Enter. The search uses full-text search across CVE titles, descriptions, vendor names, and product names.

Query What it finds Results
log4j CVEs mentioning Log4j / Log4Shell 28
remote code execution RCE vulnerabilities across all products 31,320
CVE-2024-3400 Exact CVE ID lookup (Palo Alto PAN-OS) 1
fortinet ssl vpn Fortinet SSL VPN vulnerabilities 28
buffer overflow Buffer overflow / memory corruption bugs 25,301
wordpress plugin WordPress plugin vulnerabilities 17,513
Tips
Search is case-insensitive -- "Log4j", "log4j", and "LOG4J" all return the same results.
Multiple words are matched with AND logic -- "apache log4j" finds entries containing both words.
To search by CVE ID, type the full ID (e.g. CVE-2024-3400) for an exact match.

Quick Filters

Click the filter pills below the search box to instantly narrow results. Filters can be combined with each other and with text search.

Filter What it does Count
With Exploits Only CVEs that have at least one public exploit or PoC 53,621
CISA KEV Only CVEs in CISA's Known Exploited Vulnerabilities catalog 1,583
Exploited CVEs exploited in the wild (CISA KEV + VulnCheck KEV + InTheWild.io) 4,857
Ransomware CVEs with confirmed ransomware campaign use 564
Has Nuclei Templates Only CVEs with Nuclei scanner templates for automated detection 4,077
Critical / High / Medium / Low Filter by CVSS v3 severity: critical (9.0-10.0), high (7.0-8.9), medium (4.0-6.9), low (0.1-3.9) 31,141
Combining filters
Critical + With Exploits -- the most dangerous: critical CVEs with public exploit code (4,245)
Critical + CISA KEV -- critical severity CVEs known to be actively exploited (540)
Critical + Ransomware -- critical CVEs with confirmed ransomware use
Exploited + PoC Available -- exploited in the wild AND has public exploit code
High EPSS + Exploits -- CVEs with >70% exploitation probability and available PoC

Sort Options

Default sorting follows the surface you are browsing: published CVEs for general search, exploit activity for public-exploit views, exploitation signals for KEV and in-the-wild views, and template recency for Nuclei-backed views.

Sort Description
Published Newest CVE vintages first, then newest publication date within that CVE year
Exploit Activity Freshest public exploit activity first; shown on exploit-backed views
Templates Newest Nuclei template availability first; shown on template-backed views
CVSS Highest CVSS v3 score first; newer CVEs break ties
EPSS Highest EPSS score first; newer CVEs break ties
Signals Newest exploitation or KEV signal first; shown on exploited and KEV-focused views
Relevance Best text match first; newer CVEs break ties (only available when a search query is entered)

Advanced Search

Click the Advanced pill on the search page to expand additional filters. These can be combined with text search and quick filters.

Field Description Example
Vendor Filter by software vendor (partial match) apache, microsoft, fortinet
Product Filter by product name (partial match) log4j, exchange, chrome
Ecosystem Filter by package ecosystem (from GHSA data) npm, pypi, maven, go, rubygems, nuget
CWE Filter by weakness type (CWE ID) 79 (XSS), CWE-89 (SQLi), 787 (OOB Write)
Year Filter by CVE publication year 2024, 2025
Min CVSS Only CVEs with CVSS v3 score at or above this threshold 9.0 (critical only), 7.0 (high+)
Score Mode Select which score family powers min_score and score_desc v4, effective
Min Score Minimum score for the chosen score mode. Defaults to CVSS v3 unless score_version is set. 9.0, 7.0
Min EPSS Only CVEs with EPSS exploitation probability at or above this threshold 0.9 (top 1%), 0.5 (top 5%)
Published After Only CVEs published on or after this date 2026-01-01
Published Before Only CVEs published on or before this date 2025-12-31

Example Queries

Real-world search scenarios showing how to combine filters.

Critical RCE with Exploits
Find the most dangerous RCE vulnerabilities that have public exploit code
Recent KEV Additions
CISA Known Exploited Vulnerabilities, most recent first
Apache Vulns in 2024
All Apache product vulnerabilities published in 2024
High EPSS + Nuclei
CVEs likely exploited in the wild with automated scanner templates
npm Supply Chain
npm package vulnerabilities with available exploit code
SQL Injection (CWE-89)
SQL injection vulnerabilities with proof-of-concept code
Critical Fortinet
Critical-severity vulnerabilities in Fortinet products
This Year's Critical CVEs
Critical CVEs published in 2026, sorted by CVSS score

API Search

All search features are available via the REST API. The same filters work as query parameters.

Text search:
curl 'https://exploit-intel.com/api/v1/vulns?q=log4j'
Combined filters:
curl 'https://exploit-intel.com/api/v1/vulns?vendor=apache&has_exploits=true&severity=critical'
Date range with ecosystem:
curl 'https://exploit-intel.com/api/v1/vulns?ecosystem=npm&date_from=2026-01-01&min_cvss=7.0'
Effective score mode:
curl 'https://exploit-intel.com/api/v1/vulns?score_version=effective&min_score=9.0&sort=score_desc'
Full API Documentation Rate Limits