A simple web-based tool to look up which hosts in your network are affected by a specific CVE, using the Tenable Security Center API.
Enter one or more CVE IDs (e.g. CVE-2025-54918) and the tool will query your Tenable Security Center to return a list of all affected hosts — including their IP address, DNS name, NetBIOS name, and Repository ID.
Results can be copied to clipboard or exported to CSV.
- 🔎 Single or multiple CVE lookup (comma-separated)
- 📊 Results displayed in a clean, sortable table
- 📋 Copy table data to clipboard
- ⬇️ Export results to CSV
- 🔒 Secure API key authentication via HTTP headers
- 🖥️ Responsive UI (mobile-friendly)
| Layer | Technology |
|---|---|
| Backend | Node.js + Express |
| Frontend | Vanilla JS + HTML/CSS |
| HTTP Client | Axios |
| Config | dotenv |
- Node.js v18 or higher
- Access to a Tenable Security Center instance
- Tenable SC API Access Key and Secret Key
git clone https://github.com/tint-us/tenvul.git
cd tenvulnpm installCreate a .env file in the root directory:
# Your Tenable Security Center hostname or IP (include https://)
TENABLE_HOST=https://your-tenable-sc-host
# Tenable SC API port (default: 443)
TENABLE_PORT=443
# Your Tenable SC API credentials
ACCESS_KEY=your_access_key_here
SECRET_KEY=your_secret_key_here
# Port for this web app (default: 3000)
PORT=3000
⚠️ Never commit your.envfile to Git. It contains sensitive credentials.
npm startThe app will be available at: http://localhost:3000
- Open the app in your browser at
http://localhost:3000 - Enter a CVE ID in the input field
- Single CVE:
CVE-2025-54918 - Multiple CVEs:
CVE-2025-12429,CVE-2025-12432,CVE-2025-12433
- Single CVE:
- Click "Query Host Terdampak" or press Enter
- View results in the table
- Use 📋 Copy Data or ⬇️ Export CSV to save the results
teenvul/
├── server.js # Express backend — handles API proxy to Tenable SC
├── package.json # Project metadata and dependencies
├── .env # Environment variables (NOT committed to Git)
├── .gitignore # Files excluded from Git
└── public/
└── index.html # Frontend UI (single-page app)
Queries Tenable SC for hosts affected by the given CVE(s).
Request body:
{
"cveID": "CVE-2025-54918"
}Success response:
{
"success": true,
"cveID": "CVE-2025-54918",
"hosts": [
{
"ip": "192.168.1.10",
"dnsName": "server01.local",
"netbiosName": "SERVER01",
"repositoryID": "1"
}
]
}Error response:
{
"success": false,
"error_msg": "Connection or API Error: ...",
"error_code": -1
}- This tool uses
NODE_TLS_REJECT_UNAUTHORIZED=0at startup to allow self-signed certificates — common in internal/lab Tenable SC deployments. Do not use this in production environments exposed to the public internet. - API credentials are stored in
.envand sent viax-apikeyheader — never exposed to the frontend.
| Problem | Solution |
|---|---|
Server configuration missing error |
Check that your .env file exists and has all required variables |
Connection or API Error |
Verify TENABLE_HOST is reachable from this server, including correct port |
| Empty results | The CVE may not have affected hosts in your environment, or the CVE ID format is wrong |
| Self-signed cert errors | The app already disables TLS verification by default — check your Tenable SC host URL |
Contributions are welcome! Feel free to open an issue or submit a pull request on GitHub.
Repository: github.com/tint-us/tenvul
tint-us · tintus.ardi@gmail.com · github.com/tint-us
MIT License — feel free to use, modify, and distribute.