/cvelistV5

CVE cache of the official CVE List in CVE JSON 5.0 format

CVE List V5

The CVE List is catalog of all CVE Records identified by, or reported to, the CVE Program.

This repository hosts bulk download files of CVE Records in CVE JSON 5.0 format (view the schema). You may search, download, and use the content hosted in this repository, per the CVE Program Terms of Use.

Legacy Format Downloads Available for Limited TimeLegacy format CVE List downloads that are currently available for download on the CVE.ORG website, which are derived from CVE JSON 4.0, will be phased out in the first half of 2024. Learn more here.

Releases

This repository includes release versions of all current CVE Records generated from the official CVE Services API. Baseline releases are issued once per day at midnight and posted in the following file name format: CVE Prefix-Year-Month-Day _ Greenwich Mean Time (GMT), (e.g., “CVE 2023-03-28_0000Z”). Hourly updates are also provided on the Releases page using the same file name format, with time changes encoded at the end.

Each baseline or hourly release includes three items:

  • ZIP file of all current CVE Records at midnight (e.g., “2023-03-28_all_CVEs.zip”)
  • ZIP file of all CVE Records added or modified since midnight (e.g., “2023-03-28_delta_CVEs_at_2200Z.zip”)
  • Release Notes for the specific release

NOTE: The most current release contains the most up-to-date CVE List content. Hourly updates contain only the most recent updates.

Known Issues with the cvelistV5 repository

The CVE Program is currently aware of the following issues with regard to CVE List downloads. These issues are currently being addressed by the CVE Automation Working Group (AWG). Updates or resolutions will be noted here when available.

  1. Added 3/28/2023: CVE Records published prior to 2023 may have significant publication, reserved, and update date discrepancies. As a result, this repository should not be used for CVE production metrics at this time. A fix will be forthcoming.

Issues listed in this section are not included in the Repository Issue Tracker.

Reporting Issues

Please use one of the following:

Pull Requests Not Allowed

This repository contains CVE Records published by CVE Program partners. It does not accept pull requests.

Cloning this Repository

You may clone the repository using git clone. However, pull requests will not be accepted.

Help

Please use the CVE Request Web Forms and select “Other” from the dropdown.