CISA KEV Scraper - Exploited Vulnerability Data avatar

CISA KEV Scraper - Exploited Vulnerability Data

Pricing

from $2.50 / 1,000 results

Go to Apify Store
CISA KEV Scraper - Exploited Vulnerability Data

CISA KEV Scraper - Exploited Vulnerability Data

Scrape CISA Known Exploited Vulnerabilities catalog: CVEs, vendors, products, due dates and remediation notes.

Pricing

from $2.50 / 1,000 results

Rating

0.0

(0)

Developer

ben

ben

Maintained by Community

Actor stats

0

Bookmarked

2

Total users

1

Monthly active users

3 days ago

Last modified

Share

Scrape structured data from CISA KEV in a single Apify run. This actor is built for teams that need dependable metadata for monitoring, enrichment, research, reporting, lead scoring, risk review, or internal dashboards without maintaining their own connectors.

What does this actor do?

The CISA KEV Scraper - Exploited Vulnerability Data fetches live data directly from the official public endpoint behind CISA KEV. It turns the response into clean rows in the Apify dataset so you can export the result to JSON, CSV, Excel, Google Sheets, a database, Make, Zapier, n8n, or your own API workflow.

This actor is intentionally conservative: it uses public HTTP endpoints, small default result counts, clear field names, and no browser automation. That keeps runs fast, reliable, inexpensive, and suitable for scheduled monitoring.

Why use it?

Commercial data teams usually need the same connector over and over again: pull a fresh list, normalize the fields, compare it to yesterday, enrich another dataset, and trigger an alert when something changes. Building that connector once is easy; keeping it healthy across schedules, retries, exports, and API calls is the slow part. This actor packages that workflow into a maintained Apify Store actor.

Use it when you need fresh records for monitoring, normalized metadata instead of raw nested API responses, scheduled feeds that can run daily or hourly, a no-code export path to CSV or Excel, a simple API endpoint your backend can call, or a low-maintenance actor that does not require proxies, browser sessions, or login cookies.

Input

{
"query": "microsoft",
"maxResults": 25
}

For package vulnerability lookups, you can also pass an ecosystem when the source supports it:

{
"query": "requests",
"ecosystem": "PyPI",
"maxResults": 25
}

Output

Each row is pushed to the default Apify dataset. Fields vary slightly by source, but the actor keeps names flat and analysis-friendly. Typical fields include identifiers, title or name, description, source URL, dates, ratings or scores, owner or publisher data, references, and the original search query.

{
"name": "example",
"description": "Normalized source metadata",
"source": "CISA KEV",
"search": "microsoft"
}

Common use cases

Use this actor to build a searchable internal index, monitor security or package metadata changes, enrich software inventory and dependency dashboards, feed BI reports and alerting workflows, track competitive ecosystems or public project activity, and create lightweight data products without hosting a custom scraper.

Data quality

The actor reads live public data at runtime and normalizes it into stable fields. HTML snippets are cleaned, nested fields are flattened where useful, lists are capped to practical sizes, and failed requests are retried before the run ends. For large searches, use schedules and modest limits rather than one oversized run.

Reliability

This actor does not depend on brittle browser automation. It uses direct HTTP requests to public JSON endpoints with timeouts and retries. That makes it suitable for Apify daily tests and recurring production jobs. If the upstream API changes, the actor can be adjusted without changing your downstream workflow.

Pricing

The actor uses pay-per-event pricing. You pay a small run-start fee and a per-result fee for each dataset item. This keeps short monitoring jobs affordable while still supporting larger exports when you need them.

FAQ

Does this require an API key?

No. The default workflow uses public endpoints and does not require credentials.

Can I run it on a schedule?

Yes. Apify schedules are ideal for daily monitoring, weekly reports, and recurring enrichment jobs.

Can I export the results?

Yes. Apify datasets can be downloaded as JSON, CSV, Excel, XML, RSS, or HTML table, and can be connected to automation tools or your own API.

Is this a browser scraper?

No. It is a direct HTTP actor, which is faster and more reliable for this data source.

Can I increase maxResults?

Yes. Start small while testing, then increase the limit for production. Large runs may take longer depending on the upstream endpoint.

You might also like: Maven Central Scraper, NuGet Package Scraper, Open VSX Extensions Scraper, NVD CVE Scraper, CISA KEV Scraper, OSV Vulnerability Scraper, EPSS CVE Scraper.

Keywords

CISA KEV scraper, CISA KEV API, metadata scraper, Apify CISA KEV, public data API, software metadata, vulnerability data, developer tools data, business data automation, JSON export, CSV export, no-code data extraction

Production workflow tips

For monitoring workflows, create one saved task per important search term and run each task on a schedule. This makes the output easier to compare over time and avoids oversized runs. For example, a security team can create separate tasks for high-risk vendors, critical packages, or known CVEs, while a developer-tools team can create separate tasks for languages, frameworks, extension categories, or repository topics.

When you connect the actor to downstream tools, keep the original source and search fields. They make it easy to merge multiple scheduled runs into one warehouse table while still knowing where every row came from. If you use the data for alerts, compare stable identifiers first, then compare timestamps, scores, severity values, download counts, or activity fields depending on the source.

Maintenance approach

The actor is designed around public endpoints with clear response formats. That means there is no login flow to expire, no CAPTCHA to solve, no browser fingerprint to maintain, and no residential proxy cost hidden inside each run. If an upstream service changes its schema, the actor can be patched quickly while keeping the same output concept for existing users.

Who is this for?

This actor is useful for security analysts, platform teams, DevOps teams, data analysts, marketplace researchers, software supply-chain teams, and agencies that build recurring reports for clients. It is also a practical base for enrichment pipelines: collect the source record here, then join it with your asset inventory, package list, extension catalog, project list, or vulnerability management database.