API Resources

GET
/v3/search/cpe

Request vulnerabilities related to specific CPE attributes

Based on the specified CPE (Common Platform Enumeration) schema, this endpoint will allow searches on the attributes part, vendor, product, and/or version and return a list of associated vulnerabilities.

All search fields are optional. Attributes must conform to the specifications in the NIST CPE Specification.

Path Parameters

part
string
If specified, must be one of application, operating system, or hardware. If not specified, all parts will be searched.
vendor
string
Values for this attribute should describe or identify the person or organization that manufactured or created the product. Any character string meeting the requirements for Well-formed Names (WFNs) may be specified as the value of the attribute.
product
string
The name of the system/package/component. Product and vendor are sometimes identical. It can not contain spaces, slashes, or most special characters. An underscore should be used in place of whitespace characters.
version
string
The version of the system/package/component. This is typically a semantic version string, but may very by vendor. This attribute supports trailing wildcards *. e.g.
version=8 will only return CPEs with the exact version string 8.
version=8.0.6* will return any CPE starting with 8.0.6.

Example Requests

curl --request GET \
    --url "https://api.vulncheck.com/v3/search/cpe?vendor=microsoft&product=internet_explorer&version=8.0.*" \
    --header "Accept: application/json" \
    --header "Authorization: Bearer insert_token_here"

Response

{
  "_benchmark": 0.029556,
  "_meta": {
    "timestamp": "2025-06-05T20:52:23.235563158Z",
    "total_documents": 3
  },
  "data": [
    {
      "cpe": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:*:*:*:*:*:*:*",
      "cpe_struct": {
        "part": "a",
        "vendor": "microsoft",
        "product": "internet_explorer",
        "version": "8\\.0\\.6001",
        "update": "*",
        "edition": "*",
        "language": "*",
        "sw_edition": "*",
        "target_sw": "*",
        "target_hw": "*",
        "other": "*"
      },
      "cves": [
        "CVE-2002-2435",
        "CVE-2004-0549",
        "CVE-2004-2704",
        "CVE-2005-1829",
        "CVE-2005-4625",
        "CVE-2006-6956",
        "CVE-2007-2718",
        "CVE-2007-3075",
        "CVE-2007-3924",
        "CVE-2007-3930",
        "CVE-2007-3954",
        "CVE-2007-3958",
        "CVE-2008-0454",
        "CVE-2008-0460",
        "CVE-2008-1873",
        "CVE-2008-2841",
        "CVE-2008-3023",
        "CVE-2008-3173",
        "CVE-2008-4029",
        "CVE-2008-4326",
        "CVE-2008-4387",
        "CVE-2008-5912",
        "CVE-2008-5917",
        "CVE-2008-7295",
        "CVE-2009-0305",
        "CVE-2009-2433",
        "CVE-2009-3737",
        "CVE-2009-4804",
        "CVE-2010-0027",
        "CVE-2010-0244",
        "CVE-2010-0245",
        "CVE-2010-0246",
        "CVE-2010-0248",
        "CVE-2010-0490",
        "CVE-2010-0492",
        "CVE-2010-0494",
        "CVE-2010-0652",
        "CVE-2010-1117",
        "CVE-2010-1852",
        "CVE-2010-2429",
        "CVE-2010-2442",
        "CVE-2010-4183",
        "CVE-2010-5071",
        "CVE-2011-0248",
        "CVE-2011-0347",
        "CVE-2011-2383",
        "CVE-2012-0287",
        "CVE-2012-1545",
        "CVE-2012-1879",
        "CVE-2012-2418",
        "CVE-2012-2419",
        "CVE-2012-2420",
        "CVE-2012-2421",
        "CVE-2012-2423",
        "CVE-2012-2424",
        "CVE-2012-2425",
        "CVE-2013-6903",
        "CVE-2013-6904",
        "CVE-2013-6905",
        "CVE-2013-6911",
        "CVE-2013-6913",
        "CVE-2017-11791",
        "CVE-2017-11837",
        "CVE-2017-11838",
        "CVE-2017-11843",
        "CVE-2017-11846",
        "CVE-2017-11858",
        "CVE-2017-8741",
        "CVE-2017-8748"
      ]
    },
    {
      "cpe": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*",
      "cpe_struct": {
        "part": "a",
        "vendor": "microsoft",
        "product": "internet_explorer",
        "version": "8\\.0\\.6001",
        "update": "beta",
        "edition": "*",
        "language": "*",
        "sw_edition": "*",
        "target_sw": "*",
        "target_hw": "*",
        "other": "*"
      },
      "cves": [
        "CVE-2002-2435",
        "CVE-2004-0549",
        "CVE-2004-2704",
        "CVE-2005-1829",
        "CVE-2005-4625",
        "CVE-2006-6956",
        "CVE-2007-2718",
        "CVE-2007-3075",
        "CVE-2007-3924",
        "CVE-2007-3930",
        "CVE-2007-3954",
        "CVE-2007-3958",
        "CVE-2008-0454",
        "CVE-2008-0460",
        "CVE-2008-1873",
        "CVE-2008-2841",
        "CVE-2008-3023",
        "CVE-2008-3173",
        "CVE-2008-4029",
        "CVE-2008-4127",
        "CVE-2008-4326",
        "CVE-2008-4387",
        "CVE-2008-5912",
        "CVE-2008-5917",
        "CVE-2008-7295",
        "CVE-2009-0305",
        "CVE-2009-2433",
        "CVE-2009-3737",
        "CVE-2009-4804",
        "CVE-2010-0027",
        "CVE-2010-0244",
        "CVE-2010-0245",
        "CVE-2010-0246",
        "CVE-2010-0248",
        "CVE-2010-0490",
        "CVE-2010-0492",
        "CVE-2010-0494",
        "CVE-2010-0652",
        "CVE-2010-1117",
        "CVE-2010-1852",
        "CVE-2010-2429",
        "CVE-2010-2442",
        "CVE-2010-4183",
        "CVE-2010-5071",
        "CVE-2011-0248",
        "CVE-2011-0347",
        "CVE-2011-2383",
        "CVE-2012-0287",
        "CVE-2012-1545",
        "CVE-2012-1879",
        "CVE-2012-2418",
        "CVE-2012-2419",
        "CVE-2012-2420",
        "CVE-2012-2421",
        "CVE-2012-2423",
        "CVE-2012-2424",
        "CVE-2012-2425",
        "CVE-2013-6903",
        "CVE-2013-6904",
        "CVE-2013-6905",
        "CVE-2013-6911",
        "CVE-2013-6913",
        "CVE-2017-11791",
        "CVE-2017-11837",
        "CVE-2017-11838",
        "CVE-2017-11843",
        "CVE-2017-11846",
        "CVE-2017-11858",
        "CVE-2017-8741",
        "CVE-2017-8748"
      ]
    },
    {
      "cpe": "cpe:2.3:a:microsoft:internet_explorer:8.0.7100.0:*:*:*:*:*:*:*",
      "cpe_struct": {
        "part": "a",
        "vendor": "microsoft",
        "product": "internet_explorer",
        "version": "8\\.0\\.7100\\.0",
        "update": "*",
        "edition": "*",
        "language": "*",
        "sw_edition": "*",
        "target_sw": "*",
        "target_hw": "*",
        "other": "*"
      },
      "cves": [
        "CVE-2009-2764"
      ]
    }
  ]
}