diff --git a/security_tools/redhat_tools/rhel_rpm_to_cve.rb b/security_tools/redhat_tools/rhel_rpm_to_cve.rb
index 1a9ab76..9cceec3 100644
--- a/security_tools/redhat_tools/rhel_rpm_to_cve.rb
+++ b/security_tools/redhat_tools/rhel_rpm_to_cve.rb
@@ -1,5 +1,6 @@
 # frozen_string_literal: true
-# this is meant to parse and query data in redhat linux rpm-to-cve.xml file
+
+# this is meant to parse and query data in redhat linux rpm-to-cve.xml file
 # that is posted on their security API.
 # Reference: https://www.redhat.com/security/data/metrics/
@@ -24,7 +25,7 @@ class RhelRpmToCve
 def refresh_rpm_to_cve_file(path)
 r = RestClient::Request.execute(
 method: :get,
- url: "https://www.redhat.com/security/data/metrics/rpm-to-cve.xml"
+ url: 'https://www.redhat.com/security/data/metrics/rpm-to-cve.xml'
 )
 if r.code == 200
 File.write(path, r.body)
diff --git a/security_tools/redhat_tools/rhel_security_api_client.rb b/security_tools/redhat_tools/rhel_security_api_client.rb
index 0cea316..79c2761 100644
--- a/security_tools/redhat_tools/rhel_security_api_client.rb
+++ b/security_tools/redhat_tools/rhel_security_api_client.rb
@@ -5,6 +5,7 @@
 require 'rest-client'
 require 'json'
+require 'active_support/core_ext/array/grouping.rb'
 class RhelSecurityApiClient
 attr_accessor :base_url
@@ -46,4 +47,14 @@ class RhelSecurityApiClient
 params = {}
 request("/cve/#{cve_id}.json", params)
 end
+
+ def cves(cve_ids)
+ params = {}
+ responses = []
+ cve_ids.in_groups_of(500, false) do |cve_id_batch|
+ csv_cve_url_str = cve_id_batch.join(',')
+ responses << request('/cve.json?ids=' + csv_cve_url_str, params)
+ end
+ responses.flatten
+ end
 end
diff --git a/security_tools/redhat_tools/rpm_pkg_audit.rb b/security_tools/redhat_tools/rpm_pkg_audit.rb
index 378febf..1c2cb58 100755
--- a/security_tools/redhat_tools/rpm_pkg_audit.rb
+++ b/security_tools/redhat_tools/rpm_pkg_audit.rb
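Review bot: The new `require 'active_support/core_ext/array/grouping.rb'` in rhel_security_api_client.rb makes ActiveSupport a runtime dependency of this client for a single helper. `in_groups_of(500, false)` with a block yields the same unpadded batches as the standard library's `each_slice(500)`, so `cve_ids.each_slice(500) do |cve_id_batch|` in `cves` would avoid the extra gem and its transitive dependencies. If the require stays, drop the `.rb` suffix so it matches the other requires: `require 'active_support/core_ext/array/grouping'`.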
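Review bot: In `RhelSecurityApiClient#cves` the IDs are concatenated straight into the query string (`'/cve.json?ids=' + csv_cve_url_str`) with no format check or URL encoding, and with the new `--cves-from-file` option in rpm_pkg_audit.rb they come from a user-supplied file via `read_cves_file`. A field containing `&`, `#` or whitespace would alter the request that is sent instead of being rejected. I would validate before batching, for example `raise ArgumentError, "invalid CVE id: #{id.inspect}" unless id.to_s.match?(/\ACVE-\d{4}-\d{4,}\z/)`, or hand the list to `request` through `params` if that method encodes its parameters (its body is outside this hunk, so that is unconfirmed). A batch of 500 IDs also yields a URL of several kilobytes, so the batch size is worth checking against what the API and any proxy in between accept.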
@@ -3,6 +3,7 @@
 require 'optparse'
 require 'json'
+require 'csv'
 require './rhel_rpm_to_cve'
 require './rhel_security_api_client'
 require 'pry'
@@ -13,6 +14,11 @@ data_file = './data/rpm-to-cve.xml'
 options = {}
+# for use with --cves-from-file arg
+def read_cves_file(filepath)
+ CSV.read(filepath).flatten
+end
+
 parser = OptionParser.new do |parser|
 parser.banner = 'Usage: rpm_pkg_audit.rb [options]'
 parser.on('-p', '--pkg PKGNAME', 'Takes a base pkg name and returns cves from redhats security API.') do |pkg|
@@ -30,6 +36,9 @@ parser = OptionParser.new do |parser|
 parser.on('-c', '--cve CVE_ID', 'Takes a cve id and returns cve json from redhats security API.') do |cve|
 options[:cve] = cve
 end
+ parser.on('-f', '--cves-from-file CVE_FILE', 'Takes a file one cve id per line and sends a batch request to redhat security API') do |file|
+ options[:file] = file
+ end
 end
 parser.parse!
@@ -58,6 +67,11 @@ elsif options[:cve]
 cve = options[:cve]
 r = rhel_api_client.cve_id(cve)
 puts JSON.pretty_generate(r)
+elsif options[:file]
+ filepath = options[:file]
+ cve_ids = read_cves_file(filepath)
+ r = rhel_api_client.cves(cve_ids)
+ puts JSON.pretty_generate(r)
 else options.key?(:list)
 puts rpm_auditer.list_pkg_names.sort
 end
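Review bot: `read_cves_file` parses the input with `CSV.read(filepath).flatten`, while the `--cves-from-file` help text promises one ID per line, so the parser and the documented format disagree. With CSV parsing, a trailing comma produces a `nil` entry, surrounding whitespace is kept, and a stray quote raises `CSV::MalformedCSVError`. Whatever survives is passed on to `rhel_api_client.cves`. Reading lines directly matches the documented format and drops the `csv` require: `File.readlines(filepath, chomp: true).map(&:strip).reject(&:empty?)`. The comment above the method could state that contract, e.g. `# Reads CVE ids, one per line, for --cves-from-file; blank lines are ignored`.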
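Review bot: The new `elsif options[:file]` branch handles neither a missing or unreadable file nor an empty ID list. A bad path surfaces as an uncaught `Errno::ENOENT` backtrace, and an empty file prints `[]`, which reads like an audit that found nothing. A guard such as `abort "no CVE ids found in #{filepath}" if cve_ids.empty?` before the `cves` call, plus a rescue of `Errno::ENOENT` around `read_cves_file`, would make both cases explicit. How `request` reports a failed batch is not visible in this diff; if it returns an error body rather than raising, the printed result could be partial without saying so. The `if`/`elsif` chain this branch belongs to starts above the hunk.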