Am I affected?

Enter a product and version — like nginx 1.20.0 — and see the live CVEs that affect it right now, ranked by real-world risk: CVSS severity, EPSS exploitation probability, and whether CISA lists it as actively exploited. Free, no signup.

Product (CPE token)

Version (optional)

Try:

How matching works

We match your product against the official NVD CPE data on every CVE in our live feed, then compare your version against each CVE's affected version range. The match is deliberately conservative-correct — when a version range is ambiguous we err toward showing the CVE rather than hiding a real one. Use the software's CPE product token (e.g. http_server for Apache, linux_kernel for the Linux kernel).

Coverage & limits

• Best for infrastructure & OS software that NVD tracks with CPE version ranges — web servers, databases, libraries, operating systems.
• A no-match result reflects NVD CPE data for that exact token — it is not a guarantee of safety. Confirm the product token and version.
• Each result links to its full CVE Pulse page — scores, exploits, patches, and live internet-exposure footprint.
• Want this in your own tooling? The same data is in our free API and MCP server for Claude & Cursor.