OnlyPatch supports a structured query language on the search page that lets you filter CVEs by severity, CVSS score, month, researcher, weakness class, and exploitation status — and combine operators freely.
Search operators
| Operator | Example | Description |
|---|---|---|
severity: |
severity:critical |
Microsoft severity rating. Values: critical, important, moderate, low |
cvss: |
cvss:7+ |
CVSS base score filter. See syntax below. |
month: |
month:2026-07 |
Patch Tuesday month in YYYY-MM format |
cwe_id: |
cwe_id:CWE-416 |
CWE weakness class (e.g. Use After Free, Out-of-Bounds Write) |
author: |
author:"Genwei Jiang" |
Researcher credited in the MSRC acknowledgment. Quotes required. |
kev |
kev |
CISA Known Exploited Vulnerabilities (KEV) listed |
kev:true |
kev:true |
Same as above |
disclosed |
disclosed |
Publicly disclosed before patch |
disclosed:true |
disclosed:true |
Same as above |
itw |
itw |
Exploited in the wild at time of disclosure |
CVSS score syntax
The cvss: operator accepts three forms:
| Syntax | Meaning | Example |
|---|---|---|
cvss:N+ |
Score ≥ N | cvss:7+ |
cvss:N-M |
Score between N and M (inclusive) | cvss:7-9 |
cvss:N.N |
Exact score (±0.05) | cvss:9.8 |
Combining operators
Operators are combined with AND logic — all conditions must match.
severity:critical cvss:9+
severity:critical month:2026-07
cvss:7+ cwe_id:CWE-416
author:"Genwei Jiang" severity:critical
itw month:2026-07
kev cvss:9+
You can also mix operators with free-text keywords:
severity:critical sharepoint
month:2025-10 exchange
Author search
The author: operator matches against MSRC acknowledgment credits. The value must always be quoted, even for single words:
author:"genwei"
author:"Genwei Jiang"
author:"mandiant"
The match is case-insensitive and substring-based, so author:"genwei" matches any researcher whose name contains “genwei”. Unquoted author:name is treated as free-text search, not an author filter.
Common queries
| Query | What it finds |
|---|---|
itw |
All CVEs exploited in the wild |
kev |
All CISA KEV-listed CVEs |
severity:critical cvss:9+ |
Critical CVEs with CVSS ≥ 9 |
severity:critical month:2026-07 |
Critical CVEs from July 2026 |
cwe_id:CWE-416 |
Use-After-Free vulnerabilities |
cwe_id:CWE-122 |
Heap-based buffer overflow |
cwe_id:CWE-190 |
Integer overflow |
disclosed kev |
Publicly disclosed AND KEV-listed |
author:"Genwei Jiang" |
CVEs credited to Genwei Jiang |
author:mandiant severity:critical |
Critical CVEs credited to Mandiant researchers |
cvss:7-9 month:2025-10 |
CVSS 7–9 CVEs from October 2025 |
Data fields
Each CVE page shows:
- Overview — severity, CVSS score, exploitation and disclosure status, affected product family, CWE, EPSS probability
- CVSS Vector — full CVSS 3.1 base and temporal metrics with a link to the FIRST.org calculator
- Affected Software — product, KB article, severity, impact, fixed build
- Acknowledgments — researcher credits as published by MSRC
Coverage
CVE data runs from January 2019 to the current Patch Tuesday. Only CVEs issued by Microsoft (CNA = Microsoft) are included — third-party CVEs ingested into Edge bulletins (Chromium, V8, etc.) are excluded. CVSS scores are sourced from NVD where available and fall back to the MSRC-provided score.