Every CVE (Common Vulnerabilities and Exposures) record from the NIST National Vulnerability Database — 351,541 vulnerabilities since 1988. Per CVE: ID, source, published date, last modified, vuln status (Analyzed/Modified/Awaiting/Rejected), full English description, CVSS v3.1 base score + severity (LOW/MEDIUM/HIGH/CRITICAL) + vector string, CVSS v2 base score + severity, CWE classification (e.g. CWE-79 XSS, CWE-89 SQL injection, CWE-352 CSRF). Stored separately from DB1's nvd_cves (which has the 109k most recent) so we can serve the full ~3-decade history without bloating DB1.
Every record in this dataset can be traced back to its primary source at https://nvd.nist.gov/vuln/data-feeds. Underlying content is a US federal government work (public domain under 17 USC §105); our derived data is licensed CC0 1.0.