CVE Tools
cve.tools ← Back to home

Terms and Conditions

Last updated: March 11, 2026

1. Agreement to Terms

By accessing or using CVE Tools ("the Service"), operated by Pavel Buchnev ("we", "us", or "our"), you agree to be bound by these Terms and Conditions. If you do not agree to these terms, you may not access or use the Service.

2. Description of Service

CVE Tools is an AI-powered vulnerability intelligence platform that aggregates, enriches, and analyzes Common Vulnerabilities and Exposures (CVEs) data from publicly available sources including NVD, CISA KEV, EPSS, GHSA, and Nuclei Templates. The Service provides dashboards, AI-powered analysis, semantic search, REST API access, and MCP server integration.

3. Account Registration

To access certain features, you must create an account. You agree to:

  • Provide accurate and complete registration information
  • Maintain the security of your account credentials
  • Notify us immediately of any unauthorized access to your account
  • Accept responsibility for all activities that occur under your account

We reserve the right to approve, suspend, or terminate accounts at our discretion.

4. Acceptable Use

You agree not to:

  • Use the Service for any unlawful purpose or in violation of any applicable laws
  • Attempt to gain unauthorized access to the Service or its related systems
  • Interfere with or disrupt the integrity or performance of the Service
  • Use automated tools to scrape, crawl, or extract data beyond the provided API
  • Redistribute or resell the Service or its data without prior written consent
  • Use vulnerability data obtained from the Service to exploit systems without authorization

5. Intellectual Property

The Service, its original content (excluding third-party vulnerability data), features, and functionality are owned by us and are protected by applicable intellectual property laws. Vulnerability data aggregated by the Service originates from publicly available sources and is subject to the respective licenses and terms of those sources.

6. Third-Party Data Sources

The Service aggregates data from third-party sources including the National Vulnerability Database (NVD), CISA Known Exploited Vulnerabilities catalog, FIRST EPSS, GitHub Security Advisories, and ProjectDiscovery Nuclei Templates. We do not guarantee the accuracy, completeness, or timeliness of this data. Use of third-party data is subject to the terms and licenses of the respective data providers.

7. AI-Generated Content

The Service uses artificial intelligence to analyze and summarize vulnerability data. AI-generated content is provided for informational purposes only and should not be relied upon as the sole basis for security decisions. We do not guarantee the accuracy of AI-generated analysis and recommend independent verification for critical security assessments.

8. Subscription and Payments

Certain features of the Service may require a paid subscription. Payments are processed through Paddle.com (our Merchant of Record). By subscribing, you also agree to Paddle's Terms of Service. Subscription fees are billed in advance on a recurring basis. You may cancel your subscription at any time, and cancellation will take effect at the end of the current billing period.

9. Refund Policy

Refund requests are handled in accordance with Paddle's refund policies. If you are unsatisfied with the Service, you may request a refund within 14 days of your initial purchase. Refunds for renewal payments are evaluated on a case-by-case basis.

10. Disclaimer of Warranties

The Service is provided on an "AS IS" and "AS AVAILABLE" basis without warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that the Service will be uninterrupted, error-free, or free of harmful components.

11. Limitation of Liability

To the maximum extent permitted by applicable law, we shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or goodwill, arising out of or in connection with your use of the Service, whether based on warranty, contract, tort, or any other legal theory.

12. API Usage

Access to the REST API and MCP server is subject to rate limits and usage quotas as specified in the API documentation. We reserve the right to modify rate limits and restrict API access for accounts that exceed reasonable usage thresholds or violate these terms.

13. Termination

We may terminate or suspend your access to the Service immediately, without prior notice, for any reason, including breach of these Terms. Upon termination, your right to use the Service ceases immediately. Provisions that by their nature should survive termination shall survive.

14. Changes to Terms

We reserve the right to modify these Terms at any time. Material changes will be communicated via the Service or by email. Your continued use of the Service after changes become effective constitutes acceptance of the revised Terms.

15. Governing Law

These Terms shall be governed by and construed in accordance with applicable laws, without regard to conflict of law principles.

16. Contact

If you have any questions about these Terms, please contact us at butschster@gmail.com.