A command line tool to collect some information on given CVE IDs. It expects one or multiple CVE Ids as arguments and will query the API of the National Vulnerability Database for more information.

Output can be either in human-readable plain text format or in machine-readable formats like json or csv.

The returned data focuses on score and vector information.

Usage:

composer install
./cve-scores.php --help

Requests to the API are rate limited, cf. https://nvd.nist.gov/developers/start-here

Using an API key will loosen the rate limit and shall soon be implemented.