
CVE / KEV Lookup

Enter a CVE ID to see its severity (CVSS), exploit probability (EPSS), whether it is actively exploited (CISA KEV), and remediation pointers in one place. Lookups check ITD's own feed DB first, with a live NVD/FIRST fallback.

This tool reads ITD's feed DB (CISA KEV + EPSS + NVD) and only fetches from public APIs (NVD/FIRST) for CVEs not in the DB. Your data is never sent.
Try an example (Log4Shell / CVE-2021-44228)
CVE-2021-44228 | ITD DB | Actively exploited (KEV) | Ransomware use | ITD priority: Critical

Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.

Severity (CVSS): 10.0 (v3.1)
Exploit probability (EPSS): 94.4%
EPSS percentile: 100%
KEV added: 2021-12-10
Remediation due: 2021-12-24
Weakness type (CWE)
References

How to use

  1. Enter the CVE ID you care about (e.g. CVE-2021-44228).
  2. CVSS, EPSS, KEV (actively exploited?) and remediation pointers are shown.
  3. Dig deeper via “ITD's analysis” or the “NVD official” page.

Why it matters

CVSS measures severity, but whether a vulnerability actually gets exploited is a different question. Pairing EPSS (probability of exploitation in 30 days) with CISA KEV (exploitation actually observed) lets you decide realistically whether to fix it now. ITD puts all three (CVSS × EPSS × KEV) on one screen.

FAQ

Q: What is KEV?

A: CISA's catalog of vulnerabilities with confirmed real-world exploitation. KEV-listed means attacks are actually happening, so fixing it is top priority.

Q: EPSS vs CVSS?

A: CVSS is severity; EPSS is the probability of exploitation in the next 30 days. A severe bug can have a low exploit probability, so seeing both gives realistic prioritization.

Q: Can I look up any CVE?

A: KEV-listed CVEs in ITD's DB show instantly. Others resolve via a live NVD fetch if they exist (KEV will then read 'not listed').
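
The prioritization described under "Why it matters" and in the EPSS vs CVSS answer, as an added example that is not ITD's code or scoring logic. The tier names, the EPSS cut-off and the placeholder CVE IDs are assumptions; only the Log4Shell values come from this page.

```python
from dataclasses import dataclass
from typing import Optional

# Cut-offs are assumptions for this example, not ITD's scoring rules.
EPSS_LIKELY = 0.10   # EPSS: probability of exploitation in the next 30 days
CVSS_HIGH = 7.0      # CVSS v3.x "High" band starts at 7.0
TIERS = ["fix-now", "fix-next", "scheduled", "needs-review", "backlog"]

@dataclass
class CveRecord:
    cve_id: str
    cvss: Optional[float]     # None when no score is published yet
    epss: Optional[float]     # 0.0-1.0; None when no EPSS score exists
    kev_due: Optional[str]    # KEV remediation due date (ISO), None if not listed

def triage(r: CveRecord) -> str:
    """Observed exploitation first, then likelihood, then severity."""
    if r.kev_due is not None:
        return "fix-now"                  # exploitation actually observed
    if r.cvss is None and r.epss is None:
        return "needs-review"             # no data is not the same as low risk
    if r.epss is not None and r.epss >= EPSS_LIKELY:
        return "fix-next"                 # likely to be exploited soon
    if r.cvss is not None and r.cvss >= CVSS_HIGH:
        return "scheduled"                # severe, but exploitation unlikely
    return "backlog"

def rank(records):
    """Order by tier, then KEV due date, then EPSS and CVSS descending."""
    def key(r):
        return (TIERS.index(triage(r)), r.kev_due or "9999-12-31",
                -(r.epss or 0.0), -(r.cvss or 0.0))
    return sorted(records, key=key)

# Log4Shell values are the ones shown on this page; the other rows are
# constructed, with placeholder IDs.
SAMPLE = [
    CveRecord("CVE-0000-0001", cvss=9.8, epss=0.002, kev_due=None),
    CveRecord("CVE-0000-0002", cvss=6.5, epss=0.410, kev_due=None),
    CveRecord("CVE-2021-44228", cvss=10.0, epss=0.944, kev_due="2021-12-24"),
    CveRecord("CVE-0000-0003", cvss=None, epss=None, kev_due=None),
    CveRecord("CVE-0000-0004", cvss=4.3, epss=0.001, kev_due=None),
]

if __name__ == "__main__":
    for r in rank(SAMPLE):
        print(f"{triage(r):13} {r.cve_id}")
```

The constructed 9.8 record lands below the 6.5 one because its EPSS is far lower, which is the case the CVSS-only view gets wrong.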
