In [1]:
from pyvulnerabilitylookup import PyVulnerabilityLookup

# Configure HTTP sessions for API communication
print("Configuring API client for VulnerabilityLookup...")

# VulnerabilityLookup session configuration
vulnerability_lookup = PyVulnerabilityLookup()

print("API client configured successfully!")
print("Ready to query VulnerabilityLookup service.")

Configuring API client for VulnerabilityLookup...
API client configured successfully!
Ready to query VulnerabilityLookup service.


In [8]:
from datetime import datetime, timedelta
cpe = "cpe:2.3:a:microsoft:exchange_server"
vulns = vulnerability_lookup.get_vulnerabilities_by_cpe(cpe)

print(f"Finding top sighted CVEs for {cpe} product")  

# filter relevant CVE_RECORD entries
records = [v for v in vulns.get('cvelistv5', []) if v.get('dataType') == 'CVE_RECORD' and 'cveMetadata' in v]
cves = []

for vuln in records:
    meta = vuln['cveMetadata']
    cves.append(meta['cveId'])

# get sightings from last 90 days

delta = datetime.now() - timedelta(days=90)
cve_sightings_count = {} 
for cve in cves:
    result = vulnerability_lookup.get_sightings(vuln_id=cve, date_from=delta, sighting_type='exploited')
    if result['metadata']['count'] > 0:
        cve_sightings_count[cve] = result['metadata']['count']

# print sorted results
for cve, count in sorted(cve_sightings_count.items(), key=lambda item: item[1], reverse=True):
    print(f"{cve}: {count} sightings")

CVE-2021-26855: 73 sightings
CVE-2022-41082: 43 sightings
CVE-2021-34473: 41 sightings
