CVE Search

The CVE search page is your primary interface for exploring BreachSpider's enriched vulnerability corpus. With 354,000+ CVEs indexed and continuously updated, the search supports multiple query types, advanced filters, and customizable sorting to help you find exactly what you need.

Search Bar

Enter any of the following in the search bar:

• CVE ID: Search by exact CVE identifier. Example: CVE-2025-32433.
• Keyword: Search by description keywords. Example: authentication bypass, buffer overflow, remote code execution.
• Vendor name: Search by manufacturer. Example: siemens, cisco, rockwell.
• Product name: Search by product. Example: s7-1500, modicon, wincc.
• BSID: Search by BreachSpider ID. Example: BS-2025-254014-C.

The search engine checks CVE IDs, descriptions, vendor names, product names, and CWE descriptions. Results are ranked by relevance to your query, with exact CVE ID matches appearing first.

Filters

Narrow your results with the filter panel (click Filters to expand):

Severity:

• CRITICAL (CVSS 9.0-10.0)
• HIGH (CVSS 7.0-8.9)
• MEDIUM (CVSS 4.0-6.9)
• LOW (CVSS 0.1-3.9)

Select one or more severity levels. Leave all unchecked to show all severities.

KEV Only: Toggle to show only CVEs that appear in the Known Exploited Vulnerabilities catalog. These are confirmed actively exploited.

ICS Relevant: Toggle to show only CVEs with an ICS/OT relevance score of 0.5 or higher. Useful for filtering out purely IT vulnerabilities when researching OT-specific threats.

Patch Status:

• Patched: a vendor patch is available.
• Unpatched: no vendor patch released yet.
• Partial: patch available for some but not all affected versions.

Exploit Maturity:

• NONE: no known exploit code.
• POC: proof-of-concept code exists (may not be reliable).
• FUNCTIONAL: a working exploit exists and has been demonstrated.
• WEAPONIZED: exploit integrated into attack frameworks or actively used in campaigns.

Date Range: Filter by publication date. Use "Published after" and "Published before" to define a window. Useful for reviewing CVEs published since your last assessment.

EPSS Minimum: Set a floor for the EPSS exploitation probability score. Example: 0.5 shows only CVEs in the top 50th percentile of exploitation likelihood.

BCS Minimum: Set a floor for the BreachSpider Confidence Score. Example: 7.0 shows only CVEs with high exploitation priority.

Sort Options

Control the order of search results:

Reading Search Results

Each search result card displays:

• CVE ID and BSID: The NVD identifier and BreachSpider's internal identifier.
• Severity badge: Color-coded -- red for critical, orange for high, yellow for medium, blue for low.
• CVSS score: Numeric severity score (0.0-10.0).
• BCS score: BreachSpider exploitation priority score (0.0-10.0).
• EPSS percentile: Exploitation probability ranking compared to all CVEs.
• KEV badge (red): Present if the CVE is in the KEV catalog.
• Exploit Maturity badge: Shows NONE, POC, FUNCTIONAL, or WEAPONIZED.
• Primary vendor and product: The main affected software or hardware.
• Published date: When the CVE was first published in the NVD.
• Patch status: Whether a patch is available.

Click any result card to open the full CVE detail page.

Saving a Search Result

To track a CVE from search results, click the bookmark icon on the result card. This adds the CVE to your Watchlist. The bookmark icon turns green to confirm.

Watchlisted CVEs generate alerts when new exploitation data is published -- EPSS spikes, new exploit code, KEV catalog addition, or new vendor patches.

Search via API

curl -H "Authorization: Bearer bs_live_..." \
  "https://breachspider.com/api/v1/cves?q=siemens+s7&severity=CRITICAL&kev_only=true&sort=bcs&limit=20"

The API supports all the same filters as the UI. See the CVE API Reference for the full parameter list.

Rate Limits

CVE search counts against your daily search quota:

Each API call or UI search counts as one search. The counter resets at midnight UTC.