Search the National Vulnerability Database (NVD) for CVEs matching the given filters.

Returns a JSON string with pagination info and a list of matching CVEs, each containing: id, published date, status, English description, CVSS score, CWE weaknesses, top 5 references, and CISA KEV data if applicable.

Performance guidance:

• Keep results_per_page at 5–10 to avoid slow responses.

• When filtering by date, limit the window to 30 days or less.

• Broad severity or keyword queries without a date range can be slow; add pub_start_date / pub_end_date or last_mod_start_date / last_mod_end_date to speed them up.

Mutually exclusive groups (enforced by validation):

• cvssV2Metrics / cvssV3Metrics / cvssV4Metrics: use at most one

• cvssV2Severity / cvssV3Severity / cvssV4Severity: use at most one

• isVulnerable requires cpeName and excludes virtualMatchString

• version range params (versionStart/End) require virtualMatchString

Search the NVD CVE Change History API for changes made to CVE records.

Returns a JSON string with pagination info and a list of change events, each containing the CVE ID, event type, source, timestamp, and change details.

Performance guidance — the history API is significantly slower than the CVE API:

• Always set results_per_page to 2–5.

• Narrow the date window to 7 days or less when using change_start_date / change_end_date. The maximum allowable range is 120 consecutive days.

• Avoid querying by event_name alone without a date range — it scans the entire history database and will time out. Combine event_name with a date range.

• For a specific CVE use cve_id; that is the fastest query.