# CVE Vulnerability Monitor (NVD) (`agentictools/cve-vulnerability-monitor`) Actor

Search and monitor CVE vulnerabilities from the NVD by keyword, product, severity, or date, with CVSS scores and references.

- **URL**: https://apify.com/agentictools/cve-vulnerability-monitor.md
- **Developed by:** [Ken Agland](https://apify.com/agentictools) (community)
- **Categories:** Developer tools, Automation
- **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks
- **User rating**: No ratings yet

## Pricing

$1.00 / 1,000 cve returneds

This Actor is paid per event. You are not charged for the Apify platform usage, but only a fixed price for specific events.

Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-event

## What's an Apify Actor?

Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases.
In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours,
and optionally produces a well-defined JSON output, datasets with results, or files in key-value store.
In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server.
Actors are written with capital "A".

## How to integrate an Actor?

If asked about integration, you help developers integrate Actors into their projects.
You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready.
The best way to integrate Actors is as follows.

In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md):

```bash
npm install apify-client
```

In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md):

```bash
pip install apify-client
```

In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md):

````bash
# MacOS / Linux
curl -fsSL https://apify.com/install-cli.sh | bash
# Windows
irm https://apify.com/install-cli.ps1 | iex
```bash

In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md).

If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md).

For usage examples, see the [API](#api) section below.

For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt).


# README

## CVE Vulnerability Monitor (NVD)

Search and monitor CVE vulnerabilities from the NVD by keyword, product, severity, or date, with CVSS scores and references.

This Actor queries the National Vulnerability Database (NVD) CVE API and returns normalized vulnerabilities: CVSS score and severity, CWE weakness type, description, and reference links. Use it to track new CVEs for a product, watch for critical severity issues, or build a feed of vulnerabilities matching a keyword.

### Features

- Keyword search across CVE descriptions (product, vendor, or software name).
- Filter by CVSS v3 severity: low, medium, high, or critical.
- Filter to CVEs published in the last N days (up to 120).
- CVSS score, severity, and vector string from the best available metric (v3.1, then v3.0, then v2).
- Primary CWE weakness type and all reference URLs for each CVE.
- Aggregate summary (total matched, returned, severity breakdown) in the run's OUTPUT.

### Example input

New critical CVEs for a product in the last 30 days:

```json
{ "keyword": "openssl", "severity": "CRITICAL", "sinceDays": 30, "maxItems": 50 }
````

All recent log4j CVEs, any severity:

```json
{ "keyword": "log4j", "maxItems": 20 }
```

### Input

| Field | Type | Description |
|---|---|---|
| `keyword` | string | Search term matched against CVE descriptions (product, vendor, or software name). Required. |
| `severity` | string | `any`, `LOW`, `MEDIUM`, `HIGH`, or `CRITICAL`. Filters on CVSS v3 severity. |
| `sinceDays` | integer | Only return CVEs published in the last N days. 0 disables the date filter. Maximum 120. |
| `maxItems` | integer | How many CVEs to return (auto-paginated). Default 40. |

### Output

Each dataset item is one CVE:

```json
{
  "id": "CVE-2021-44228",
  "published": "2021-12-10T10:15:09.143",
  "lastModified": "2026-05-20T14:03:11.000",
  "description": "Apache Log4j2 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints...",
  "cvssScore": 10.0,
  "cvssSeverity": "CRITICAL",
  "cvssVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "cwe": "CWE-502",
  "references": [
    "https://logging.apache.org/log4j/2.x/security.html",
    "https://www.cve.org/CVERecord?id=CVE-2021-44228"
  ],
  "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
}
```

#### Run summary (OUTPUT)

The run's default key-value store record `OUTPUT` holds an aggregate for the whole result set:

```json
{
  "query": { "keyword": "log4j", "severity": "any", "sinceDays": 0, "pubStartDate": null, "pubEndDate": null },
  "totalMatched": 31,
  "returned": 15,
  "requestedMaxItems": 15,
  "severityBreakdown": { "CRITICAL": 3, "HIGH": 5, "MEDIUM": 4, "LOW": 3, "UNKNOWN": 0 },
  "generatedFrom": "https://services.nvd.nist.gov/rest/json/cves/2.0"
}
```

### How it works

The Actor calls the public NVD CVE API with your keyword and filters, paginating through results until it reaches the requested count or runs out of matches. Without an API key, NVD allows only about 5 requests per 30 seconds, so the Actor sleeps between page requests to stay within that limit. Each CVE is normalized to its best available CVSS metric (v3.1, falling back to v3.0, then v2), its primary CWE weakness, and its reference URLs.

### Use cases

- Track new vulnerabilities for a product or library you depend on.
- Build a feed of critical or high severity CVEs published this week.
- Feed CVE data into a vulnerability management or alerting pipeline.
- Research the history and CVSS scoring of a known CVE family.

MIT licensed.

# Actor input Schema

## `keyword` (type: `string`):

Search term matched against CVE descriptions, for example a product, vendor, or software name (log4j, openssl, wordpress).

## `severity` (type: `string`):

Only return CVEs at this CVSS v3 severity level. Any keeps every severity, including CVEs scored only under CVSS v2.

## `sinceDays` (type: `integer`):

Only return CVEs published within this many days. Set to 0 to disable the date filter. Maximum 120 days (an NVD API limit).

## `maxItems` (type: `integer`):

How many CVEs to return. Results are paginated automatically until this count is reached or there are no more matches.

## Actor input object example

```json
{
  "keyword": "openssl",
  "severity": "any",
  "sinceDays": 0,
  "maxItems": 40
}
```

# API

You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup.

## JavaScript example

```javascript
import { ApifyClient } from 'apify-client';

// Initialize the ApifyClient with your Apify API token
// Replace the '<YOUR_API_TOKEN>' with your token
const client = new ApifyClient({
    token: '<YOUR_API_TOKEN>',
});

// Prepare Actor input
const input = {
    "keyword": "log4j"
};

// Run the Actor and wait for it to finish
const run = await client.actor("agentictools/cve-vulnerability-monitor").call(input);

// Fetch and print Actor results from the run's dataset (if any)
console.log('Results from dataset');
console.log(`💾 Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`);
const { items } = await client.dataset(run.defaultDatasetId).listItems();
items.forEach((item) => {
    console.dir(item);
});

// 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/js/docs

```

## Python example

```python
from apify_client import ApifyClient

# Initialize the ApifyClient with your Apify API token
# Replace '<YOUR_API_TOKEN>' with your token.
client = ApifyClient("<YOUR_API_TOKEN>")

# Prepare the Actor input
run_input = { "keyword": "log4j" }

# Run the Actor and wait for it to finish
run = client.actor("agentictools/cve-vulnerability-monitor").call(run_input=run_input)

# Fetch and print Actor results from the run's dataset (if there are any)
print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"])
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(item)

# 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start

```

## CLI example

```bash
echo '{
  "keyword": "log4j"
}' |
apify call agentictools/cve-vulnerability-monitor --silent --output-dataset

```

## MCP server setup

```json
{
    "mcpServers": {
        "apify": {
            "command": "npx",
            "args": [
                "mcp-remote",
                "https://mcp.apify.com/?tools=agentictools/cve-vulnerability-monitor",
                "--header",
                "Authorization: Bearer <YOUR_API_TOKEN>"
            ]
        }
    }
}

```

## OpenAPI specification

```json
{
    "openapi": "3.0.1",
    "info": {
        "title": "CVE Vulnerability Monitor (NVD)",
        "description": "Search and monitor CVE vulnerabilities from the NVD by keyword, product, severity, or date, with CVSS scores and references.",
        "version": "0.1",
        "x-build-id": "cH5LR9YwUeRUJ0wgc"
    },
    "servers": [
        {
            "url": "https://api.apify.com/v2"
        }
    ],
    "paths": {
        "/acts/agentictools~cve-vulnerability-monitor/run-sync-get-dataset-items": {
            "post": {
                "operationId": "run-sync-get-dataset-items-agentictools-cve-vulnerability-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        },
        "/acts/agentictools~cve-vulnerability-monitor/runs": {
            "post": {
                "operationId": "runs-sync-agentictools-cve-vulnerability-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor and returns information about the initiated run in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/runsResponseSchema"
                                }
                            }
                        }
                    }
                }
            }
        },
        "/acts/agentictools~cve-vulnerability-monitor/run-sync": {
            "post": {
                "operationId": "run-sync-agentictools-cve-vulnerability-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        }
    },
    "components": {
        "schemas": {
            "inputSchema": {
                "type": "object",
                "required": [
                    "keyword"
                ],
                "properties": {
                    "keyword": {
                        "title": "Keyword",
                        "type": "string",
                        "description": "Search term matched against CVE descriptions, for example a product, vendor, or software name (log4j, openssl, wordpress)."
                    },
                    "severity": {
                        "title": "CVSS v3 severity",
                        "enum": [
                            "any",
                            "LOW",
                            "MEDIUM",
                            "HIGH",
                            "CRITICAL"
                        ],
                        "type": "string",
                        "description": "Only return CVEs at this CVSS v3 severity level. Any keeps every severity, including CVEs scored only under CVSS v2.",
                        "default": "any"
                    },
                    "sinceDays": {
                        "title": "Published in the last N days",
                        "minimum": 0,
                        "maximum": 120,
                        "type": "integer",
                        "description": "Only return CVEs published within this many days. Set to 0 to disable the date filter. Maximum 120 days (an NVD API limit).",
                        "default": 0
                    },
                    "maxItems": {
                        "title": "Maximum items",
                        "minimum": 1,
                        "maximum": 2000,
                        "type": "integer",
                        "description": "How many CVEs to return. Results are paginated automatically until this count is reached or there are no more matches.",
                        "default": 40
                    }
                }
            },
            "runsResponseSchema": {
                "type": "object",
                "properties": {
                    "data": {
                        "type": "object",
                        "properties": {
                            "id": {
                                "type": "string"
                            },
                            "actId": {
                                "type": "string"
                            },
                            "userId": {
                                "type": "string"
                            },
                            "startedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "finishedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "status": {
                                "type": "string",
                                "example": "READY"
                            },
                            "meta": {
                                "type": "object",
                                "properties": {
                                    "origin": {
                                        "type": "string",
                                        "example": "API"
                                    },
                                    "userAgent": {
                                        "type": "string"
                                    }
                                }
                            },
                            "stats": {
                                "type": "object",
                                "properties": {
                                    "inputBodyLen": {
                                        "type": "integer",
                                        "example": 2000
                                    },
                                    "rebootCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "restartCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "resurrectCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "computeUnits": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "options": {
                                "type": "object",
                                "properties": {
                                    "build": {
                                        "type": "string",
                                        "example": "latest"
                                    },
                                    "timeoutSecs": {
                                        "type": "integer",
                                        "example": 300
                                    },
                                    "memoryMbytes": {
                                        "type": "integer",
                                        "example": 1024
                                    },
                                    "diskMbytes": {
                                        "type": "integer",
                                        "example": 2048
                                    }
                                }
                            },
                            "buildId": {
                                "type": "string"
                            },
                            "defaultKeyValueStoreId": {
                                "type": "string"
                            },
                            "defaultDatasetId": {
                                "type": "string"
                            },
                            "defaultRequestQueueId": {
                                "type": "string"
                            },
                            "buildNumber": {
                                "type": "string",
                                "example": "1.0.0"
                            },
                            "containerUrl": {
                                "type": "string"
                            },
                            "usage": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "integer",
                                        "example": 1
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "usageTotalUsd": {
                                "type": "number",
                                "example": 0.00005
                            },
                            "usageUsd": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "number",
                                        "example": 0.00005
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
```
