# CVE Security Advisory Monitor — AI Agent Vulnerability API (`logiover/cve-security-advisory-monitor`) Actor

Keyless vulnerability intelligence for AI agents: NVD + GitHub Security Advisories + OSV merged. Daily new CVEs, keyword search, or product/package lookups. CVSS scores, weaknesses, affected versions, patch info and references per row. No API key, no browser.

- **URL**: https://apify.com/logiover/cve-security-advisory-monitor.md
- **Developed by:** [Logiover](https://apify.com/logiover) (community)
- **Categories:** News, Developer tools
- **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks
- **User rating**: No ratings yet

## Pricing

from $3.50 / 1,000 results

This Actor is paid per event. You are not charged for the Apify platform usage, but only a fixed price for specific events.
Since this Actor supports Apify Store discounts, the price gets lower the higher subscription plan you have.

Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-event

## What's an Apify Actor?

Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases.
In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours,
and optionally produces a well-defined JSON output, datasets with results, or files in key-value store.
In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server.
Actors are written with capital "A".

## How to integrate an Actor?

If asked about integration, you help developers integrate Actors into their projects.
You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready.
The best way to integrate Actors is as follows.

In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md):

```bash
npm install apify-client
```

In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md):

```bash
pip install apify-client
```

In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md):

````bash
# MacOS / Linux
curl -fsSL https://apify.com/install-cli.sh | bash
# Windows
irm https://apify.com/install-cli.ps1 | iex
```bash

In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md).

If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md).

For usage examples, see the [API](#api) section below.

For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt).


# README

## CVE Security Advisory Monitor — AI Agent Vulnerability Intelligence API

> **Keyless vulnerability intelligence for AI security agents.** Pull CVEs from NVD, GitHub Security Advisories and OSV — merged, deduplicated, enriched with CVSS scores, CWE weaknesses, affected versions, patch info and references. Track daily new CVEs, search by keyword, or look up a product/package. No API key, no headless browser.

Built for the new wave of **AI agents that reason about software security** — DevSecOps agents that triage the daily CVE feed, dependency agents that check "is this package vulnerable?", patch-prioritization agents that rank by CVSS, and RAG pipelines that ground LLM answers in current vulnerability data instead of stale training-set knowledge.

---

### 🎯 What this Actor is for

Software vulnerabilities are published constantly — NVD alone logs hundreds of new CVEs a week. When an AI agent is asked *"any new critical CVEs for our stack today?"* or *"is django 4.2.0 vulnerable?"*, it needs **structured, current, multi-source vulnerability data** — not a raw NVD JSON page to re-parse. `cve-security-advisory-monitor` is that vulnerability-grounding layer:

- **Daily new CVEs.** `recent` mode pulls everything published in the last N days across NVD + GitHub Advisory — ideal for a scheduled daily monitoring run. Hundreds of fresh advisories per day.
- **Keyword search.** `search` mode finds CVEs by description keyword (e.g. `log4j`, `wordpress rce`, `apache`).
- **Product/package lookup.** `product` mode queries OSV for vulnerabilities affecting specific packages (`npm:express`, `pypi:django`, `maven:org.springframework:spring-core`) — perfect for dependency scanning.
- **Multi-source merge.** NVD (CVEs, CVSS, CWE, CPE), GitHub Security Advisories (GHSA, often with package-level affected ranges and fix versions), and OSV (open-source DB that merges many sources) are normalized and deduplicated. The same CVE found in all three collapses into one row with `sourceFeeds` showing where it appeared.
- **Triage-ready schema.** Every advisory carries CVE/GHSA/OSV IDs, CVSS score + severity + vector, CWE weaknesses, affected products/versions, patched version and reference URLs.
- **Severity filtering.** `minCvss` keeps only High+ (7.0+) or Critical (9.0+) for focused triage.
- **AI-agent friendly.** Predictable fields, ISO dates, nullable values, per-source attribution. Drop straight into a prompt or a vector store.
- **No keys, no browser.** Pure HTTP + JSON APIs on a small Node 20 container, with Apify proxy IP rotation to spread NVD/GitHub keyless rate limits. Cheap, fast, resilient.

---

### ✨ Key features

- **🛡️ NVD (NIST)** — `services.nvd.nist.gov/rest/json/cves/2.0` with date range (recent) or keywordSearch. Paginated (200/page). CVSS v3.1 (falls back to v2), CWE, CPE affected products.
- **🐙 GitHub Security Advisories** — `api.github.com/advisories` with `published>=` filter. GHSA IDs (cross-linked to CVEs), package-level affected ranges, fix versions, references.
- **📦 OSV.dev** — `api.osv.dev/v1/query` POST batch for package lookups. Merges NVD, GHSA, PyPA, RUSTSEC, Go, and many ecosystem-specific DBs. Aliases resolve to CVE/GHSA.
- **🔀 Cross-source dedup** — same CVE found in NVD + GHSA + OSV merges into one row; `sourceFeeds` lists carriers; richest fields win (summary, CVSS, patch version, CWE).
- **📊 CVSS + severity** — `cvssScore`, `cvssSeverity` (LOW/MEDIUM/HIGH/CRITICAL), `cvssVector`. `minCvss` filter for triage.
- **🏷️ CWE weaknesses** — `weaknesses` array (CWE-79, CWE-89, …) for classification.
- **🎯 Affected versions** — CPE products (NVD), package + ranges (GHSA/OSV), with `patchedVersion` extracted from fix events.
- **📅 Daily monitoring** — `recent` mode with `daysBack: 1` = today's CVEs. Schedule daily for continuous coverage.
- **🔍 Keyword search** — NVD `keywordSearch` for topical queries (`log4j`, `wordpress`, `rce`).
- **🌐 Proxy IP rotation** — Apify datacenter proxy rotates IPs per request to mitigate NVD's keyless 5 req/30s and GitHub's 60 req/hr/IP limits.
- **💰 Pay-per-result** — charged per saved advisory, not per run. Empty results are free.

---

### 🤖 Why AI agents need this

Vulnerability intelligence is a high-frequency, high-trust grounding task for security-flavored agents — and the hardest to keep current. NVD's own UI is clunky; commercial vuln DBs are expensive; each source (NVD, GHSA, OSV) has a different schema and gaps. An agent that hits one source gets partial coverage; an agent that scrapes NVD HTML reinvents parsing every time. `cve-security-advisory-monitor` wraps all three into one reliable, deduplicated, proxy-rotated, pay-per-result Actor:

1. **Daily CVE triage agent.** A DevSecOps agent runs `recent` mode every morning with `minCvss: 7`, ranks by severity, and alerts the team on CVEs matching their stack (filtered by `affected`).
2. **Dependency scan agent.** A build/CI agent takes a lockfile, queries `product` mode for each package via OSV, and fails the build if an unpatched vuln is found.
3. **Patch prioritization agent.** An agent ranks open CVEs by CVSS + affected-package criticality + patch availability, and drafts remediation tickets.
4. **Knowledge grounding.** A support agent answers *"is X version vulnerable to Y?"* by retrieving the matching advisory instead of guessing from training data.
5. **Brand/ecosystem monitoring.** A security-research agent watches for new CVEs mentioning a vendor or product keyword weekly.
6. **RAG over CVEs.** Embed the daily CVE feed into a vector store; answer security questions with citations to the exact CVE.
7. **Threat-intel pipeline.** Feed merged advisories into a SIEM or ticketing system; dedup prevents duplicate alerts.

Each of these is one Actor call (or a scheduled run). The output is a table of advisories ready for an LLM to triage, summarize, or alert on.

---

### 📦 What you get (output schema)

Every run streams **one vulnerability advisory per row** to the default dataset. A row looks like:

```json
{
  "query": "last 1d",
  "cveId": "CVE-2026-12345",
  "ghsaId": "GHSA-abcd-efgh-1234",
  "osvId": null,
  "description": "A SQL injection vulnerability exists in ...",
  "summary": "SQL injection in package X via parameter Y",
  "publishedDate": "2026-07-02T13:00:00.000Z",
  "lastModified": "2026-07-02T14:30:00.000Z",
  "cvssScore": 9.8,
  "cvssSeverity": "CRITICAL",
  "cvssVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "weaknesses": ["CWE-89"],
  "affected": [
    { "ecosystem": "pypi", "package": "django", "ranges": [...] }
  ],
  "patchedVersion": "4.2.1",
  "references": ["https://nvd.nist.gov/...", "https://github.com/.../security/advisories/..."],
  "sourceFeeds": ["nvd", "githubAdvisory"],
  "duplicateCount": 2,
  "scrapedAt": "2026-07-02T12:00:00.000Z"
}
````

Use the **Overview** view to scan all advisories newest-first with CVSS, or the **By severity** view to pivot on LOW/MEDIUM/HIGH/CRITICAL for triage.

***

### 🚀 How to use

#### 1. Daily new CVEs (schedule this)

```json
{
  "mode": "recent",
  "daysBack": 1,
  "sources": ["nvd", "githubAdvisory"],
  "maxResults": 500
}
```

#### 2. High-severity only (for triage)

```json
{
  "mode": "recent",
  "daysBack": 7,
  "minCvss": 7,
  "sources": ["nvd", "githubAdvisory", "osv"]
}
```

#### 3. Keyword search

```json
{
  "mode": "search",
  "query": "log4j",
  "maxResults": 200
}
```

#### 4. Product/package vulnerabilities (dependency scan)

```json
{
  "mode": "product",
  "products": ["npm:express", "pypi:django", "maven:org.springframework:spring-core"],
  "sources": ["osv"]
}
```

#### 5. Bulk keywords

```json
{
  "mode": "bulk",
  "queries": ["log4j", "wordpress", "apache struts"],
  "maxResults": 100
}
```

#### From code (Apify SDK)

```js
import { ApifyClient } from 'apify-client';
const client = new ApifyClient({ token: process.env.APIFY_TOKEN });
const run = await client.actor('logiover/cve-security-advisory-monitor').call({
  mode: 'recent',
  daysBack: 1,
  minCvss: 7,
});
const { items } = await client.dataset(run.defaultDatasetId).listItems();
const critical = items.filter(i => i.cvssSeverity === 'CRITICAL');
console.log(`${critical.length} critical CVEs today`);
```

#### As an MCP tool for AI agents

Wrap this Actor in an MCP server. A security agent calls the tool with a keyword, product, or date window and receives structured advisories with CVSS + patch info — no NVD scraping, no schema juggling on the agent side.

***

### 🔧 Input fields

| Field | Type | Default | Description |
|---|---|---|---|
| `mode` | enum | `recent` | `recent` (new CVEs in N days), `search` (keyword), `product` (packages), `bulk` (many keywords). |
| `daysBack` | int | 1 | Days back for `recent` mode (1–120). 1 = today's CVEs. |
| `query` | string | — | Keyword for `search` mode. |
| `queries` | array | — | Keywords for `bulk` mode. |
| `products` | array | — | Packages for `product` mode (`ecosystem:name`, e.g. `npm:express`). |
| `sources` | array | all | Which DBs: `nvd`, `githubAdvisory`, `osv`. |
| `maxResults` | int | 500 | Cap per query/window (1–5000). |
| `minCvss` | number | 0 | Keep only CVSS ≥ this (0–10). 7 = High+. |
| `useApifyProxy` | bool | true | Route through Apify datacenter proxy (IP rotation for rate limits). |
| `proxyGroups` | array | — | Override group, e.g. `["RESIDENTIAL"]`. |

***

### 🧩 How it works

1. **Build requests per source.** For `recent`, compute the ISO date window (`daysBack` → `pubStart`/`pubEnd`) and query NVD (`pubStartDate`/`pubEndDate`) + GitHub Advisory (`published>=`). For `search`, NVD `keywordSearch`. For `product`, OSV POST batch.
2. **Fetch with IP rotation.** Each request goes through the Apify datacenter proxy (rotating source IP per request) to mitigate NVD's keyless 5 req/30s and GitHub's 60 req/hr/IP. 429/5xx trigger exponential backoff retry (up to 6 attempts).
3. **Paginate.** NVD (`resultsPerPage=200` + `startIndex`), GitHub Advisory (`per_page=100` + `page`). Loop until `maxResults` or an empty/short page.
4. **Normalize.** Each source's schema is mapped to a common record: `cveId`/`ghsaId`/`osvId`, `description`/`summary`, dates, `cvssScore`/`cvssSeverity`/`cvssVector`, `weaknesses` (CWE), `affected` (products/packages + ranges), `patchedVersion` (from fix events), `references`.
5. **Deduplicate.** Rows are keyed by CVE ID (or GHSA/OSV if no CVE). The same vuln found in NVD + GHSA + OSV merges into one row: `sourceFeeds` unions, `duplicateCount` increments, and the richest fields (summary, CVSS, patch version, CWE) win.
6. **Filter.** `minCvss` keeps only advisories at or above the threshold (advisories without a CVSS score pass if `minCvss` is 0).
7. **Stream.** Each advisory is pushed to the dataset and one `result` event is charged.

***

### 💡 Tips & best practices

- **Schedule `recent` daily.** `daysBack: 1` each morning catches yesterday's CVEs. Use `daysBack: 7` weekly for a broader sweep. Hundreds of fresh CVEs per day = consistent volume.
- **Use `minCvss: 7` for triage.** Focus on High+ first; Low/Medium can wait. Critical-only (`minCvss: 9`) for emergency sweeps.
- **`product` mode for dependency hygiene.** Pass your lockfile packages (`npm:*`, `pypi:*`, `maven:*`) to OSV for a full dependency vuln scan. Combine with `patchedVersion` to auto-generate upgrade tickets.
- **All three sources for coverage.** NVD is the CVE authority but slow to enrich; GitHub Advisory has package-level fix versions fast; OSV merges ecosystem DBs (RUSTSEC, PyPA, Go, etc.) that NVD lacks. Dedup keeps it clean.
- **Keyword for vendor/product monitoring.** `search: "apache struts"` or `search: "wordpress plugin"` to watch a vendor's CVEs.
- **Polite pacing.** NVD keyless is 5 req/30s; the Actor sleeps between pages. For very large windows, expect slower throughput (it trades speed for reliability).
- **Combine with related Actors.** Pair with `github-activity-stream` (security commits/releases), `certificate-transparency-monitor` (infra changes), and `news-intelligence-scraper` (breach news).

***

### ❓ FAQ

#### Does this Actor need any API keys?

No. NVD, GitHub Advisory, and OSV all have keyless tiers. The Apify proxy IP rotation helps spread the keyless rate limits. For heavy production use, NVD offers a free API key (raises to 50 req/30s) — but this Actor doesn't require one.

#### Why three sources instead of just NVD?

NVD is the CVE authority but often lags on enrichment (package ranges, fix versions). GitHub Security Advisories add package-level affected ranges and fix versions fast. OSV merges ecosystem-specific DBs (RUSTSEC, PyPA, Go, etc.) that NVD doesn't cover well. Merging all three + deduping gives the broadest, richest coverage.

#### How current is the data?

NVD and GitHub Advisory publish in near-real-time. `recent` mode with `daysBack: 1` gives you CVEs published in the last 24 hours. There's a small lag (minutes to hours) between public disclosure and NVD enrichment.

#### Does it find CVEs for a specific package version?

`product` mode queries OSV with a package name; OSV returns all known vulns for that package (you filter by version using the `affected` ranges downstream). For exact-version checks, post-process the `affected.ranges` field.

#### How does dedup work?

Rows are keyed by CVE ID (or GHSA/OSV ID if no CVE). The same vuln in NVD + GHSA + OSV collapses into one row with `sourceFeeds: ["nvd","githubAdvisory","osv"]` and `duplicateCount: 3`. The richest fields win (summary from GHSA, CVSS from NVD, patch version from GHSA/OSV).

#### Why are some CVSS scores null?

Not every advisory has a CVSS score (especially fresh OSV entries before NVD enrichment). `minCvss: 0` keeps them; `minCvss: 7` filters them out (since null < 7).

#### How is this priced?

Pay-per-result: one `result` event per saved advisory. Runs that yield zero advisories are free.

#### Will I get rate-limited?

NVD keyless is 5 req/30s; GitHub is 60 req/hr/IP. The Actor uses IP rotation + exponential backoff to push through. For sustained heavy use, an NVD API key would help.

#### Can AI agents call this directly?

Yes. Expose it through an MCP server or Apify tool integration; the agent passes a keyword/product/date window and gets structured advisories back. This is the primary design target.

***

### 🔗 Related Actors

- **github-activity-stream** — repo commits/releases/security commits (dev-side signals).
- **certificate-transparency-monitor** — new TLS certs (infra/attack-surface changes).
- **news-intelligence-scraper** — breach/security news coverage.
- **subdomain-finder** — CT-log subdomain discovery (recon).
- **bulk-whois-rdap-lookup** — domain ownership for vuln attribution.

***

### 📝 Changelog

#### 2026-07-02 — v1.0

- Initial release.
- 4 modes: `recent`, `search`, `product`, `bulk`.
- 3 sources: NVD, GitHub Security Advisories, OSV.
- Cross-source dedup (CVE/GHSA/OSV key), CVSS + severity + vector, CWE weaknesses, affected versions, patched version, references.
- `minCvss` severity filter.
- Apify datacenter proxy default (IP rotation for rate limits).
- Pay-per-result (`result` event per saved advisory).

***

### ⚖️ Disclaimer

This Actor queries public vulnerability databases (NVD, GitHub Advisory, OSV) via their keyless APIs. Vulnerability data is owned by the respective sources (NIST, GitHub, OSV maintainers); respect their Terms of Service and rate limits. Use for security monitoring, DevSecOps automation and AI-agent grounding on data that is already public.

# Actor input Schema

## `mode` (type: `string`):

How to run.

• **recent** — new CVEs published in the last N days across all sources (highest volume, ideal for daily monitoring)
• **search** — keyword search across CVE descriptions (NVD keywordSearch)
• **product** — vulnerabilities for specific packages/products (OSV + NVD CPE)
• **bulk** — many keywords/products in one run

## `daysBack` (type: `integer`):

Pull CVEs published within this many days. 1 = today only (ideal daily run), 7 = last week.

## `query` (type: `string`):

Keyword for **search** mode (matched against CVE descriptions), e.g. `wordpress`, `log4j`, `rce`.

## `queries` (type: `array`):

Array of keywords for **bulk** mode.

## `products` (type: `array`):

Packages to query via OSV, as `ecosystem:package` e.g. `npm:express`, `pypi:django`, `maven:org.springframework:spring-core`. Also accepts bare names (auto-guessed ecosystem).

## `sources` (type: `array`):

Which vulnerability databases to query. More = broader coverage + dedup across sources.

## `maxResults` (type: `integer`):

Cap on advisories saved per query/window.

## `minCvss` (type: `number`):

Only keep advisories with CVSS at or above this (0-10). 0 = all. 7 = High+ only.

## `useApifyProxy` (type: `boolean`):

Route through Apify datacenter proxy (IP rotation). NVD and GitHub API rate-limit per IP without a key; rotation spreads the load.

## `proxyGroups` (type: `array`):

Override group, e.g. `RESIDENTIAL`.

## Actor input object example

```json
{
  "mode": "recent",
  "daysBack": 1,
  "query": "log4j",
  "queries": [
    "log4j",
    "wordpress"
  ],
  "products": [
    "npm:express",
    "pypi:django"
  ],
  "sources": [
    "nvd",
    "githubAdvisory"
  ],
  "maxResults": 100,
  "minCvss": 0,
  "useApifyProxy": true,
  "proxyGroups": []
}
```

# Actor output Schema

## `results` (type: `string`):

Full dataset of merged, deduplicated CVE/advisory records.

# API

You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup.

## JavaScript example

```javascript
import { ApifyClient } from 'apify-client';

// Initialize the ApifyClient with your Apify API token
// Replace the '<YOUR_API_TOKEN>' with your token
const client = new ApifyClient({
    token: '<YOUR_API_TOKEN>',
});

// Prepare Actor input
const input = {
    "mode": "recent",
    "daysBack": 1,
    "query": "log4j",
    "queries": [
        "log4j",
        "wordpress"
    ],
    "products": [
        "npm:express",
        "pypi:django"
    ],
    "sources": [
        "nvd",
        "githubAdvisory"
    ],
    "maxResults": 100,
    "minCvss": 0,
    "useApifyProxy": true
};

// Run the Actor and wait for it to finish
const run = await client.actor("logiover/cve-security-advisory-monitor").call(input);

// Fetch and print Actor results from the run's dataset (if any)
console.log('Results from dataset');
console.log(`💾 Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`);
const { items } = await client.dataset(run.defaultDatasetId).listItems();
items.forEach((item) => {
    console.dir(item);
});

// 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/js/docs

```

## Python example

```python
from apify_client import ApifyClient

# Initialize the ApifyClient with your Apify API token
# Replace '<YOUR_API_TOKEN>' with your token.
client = ApifyClient("<YOUR_API_TOKEN>")

# Prepare the Actor input
run_input = {
    "mode": "recent",
    "daysBack": 1,
    "query": "log4j",
    "queries": [
        "log4j",
        "wordpress",
    ],
    "products": [
        "npm:express",
        "pypi:django",
    ],
    "sources": [
        "nvd",
        "githubAdvisory",
    ],
    "maxResults": 100,
    "minCvss": 0,
    "useApifyProxy": True,
}

# Run the Actor and wait for it to finish
run = client.actor("logiover/cve-security-advisory-monitor").call(run_input=run_input)

# Fetch and print Actor results from the run's dataset (if there are any)
print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"])
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(item)

# 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start

```

## CLI example

```bash
echo '{
  "mode": "recent",
  "daysBack": 1,
  "query": "log4j",
  "queries": [
    "log4j",
    "wordpress"
  ],
  "products": [
    "npm:express",
    "pypi:django"
  ],
  "sources": [
    "nvd",
    "githubAdvisory"
  ],
  "maxResults": 100,
  "minCvss": 0,
  "useApifyProxy": true
}' |
apify call logiover/cve-security-advisory-monitor --silent --output-dataset

```

## MCP server setup

```json
{
    "mcpServers": {
        "apify": {
            "command": "npx",
            "args": [
                "mcp-remote",
                "https://mcp.apify.com/?tools=logiover/cve-security-advisory-monitor",
                "--header",
                "Authorization: Bearer <YOUR_API_TOKEN>"
            ]
        }
    }
}

```

## OpenAPI specification

```json
{
    "openapi": "3.0.1",
    "info": {
        "title": "CVE Security Advisory Monitor — AI Agent Vulnerability API",
        "description": "Keyless vulnerability intelligence for AI agents: NVD + GitHub Security Advisories + OSV merged. Daily new CVEs, keyword search, or product/package lookups. CVSS scores, weaknesses, affected versions, patch info and references per row. No API key, no browser.",
        "version": "1.0",
        "x-build-id": "8IXwpDfeXpl0CssPs"
    },
    "servers": [
        {
            "url": "https://api.apify.com/v2"
        }
    ],
    "paths": {
        "/acts/logiover~cve-security-advisory-monitor/run-sync-get-dataset-items": {
            "post": {
                "operationId": "run-sync-get-dataset-items-logiover-cve-security-advisory-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        },
        "/acts/logiover~cve-security-advisory-monitor/runs": {
            "post": {
                "operationId": "runs-sync-logiover-cve-security-advisory-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor and returns information about the initiated run in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/runsResponseSchema"
                                }
                            }
                        }
                    }
                }
            }
        },
        "/acts/logiover~cve-security-advisory-monitor/run-sync": {
            "post": {
                "operationId": "run-sync-logiover-cve-security-advisory-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        }
    },
    "components": {
        "schemas": {
            "inputSchema": {
                "type": "object",
                "required": [
                    "mode"
                ],
                "properties": {
                    "mode": {
                        "title": "Mode",
                        "enum": [
                            "recent",
                            "search",
                            "product",
                            "bulk"
                        ],
                        "type": "string",
                        "description": "How to run.\n\n• **recent** — new CVEs published in the last N days across all sources (highest volume, ideal for daily monitoring)\n• **search** — keyword search across CVE descriptions (NVD keywordSearch)\n• **product** — vulnerabilities for specific packages/products (OSV + NVD CPE)\n• **bulk** — many keywords/products in one run",
                        "default": "recent"
                    },
                    "daysBack": {
                        "title": "Days back (recent mode)",
                        "minimum": 1,
                        "maximum": 120,
                        "type": "integer",
                        "description": "Pull CVEs published within this many days. 1 = today only (ideal daily run), 7 = last week.",
                        "default": 1
                    },
                    "query": {
                        "title": "Keyword (search & bulk)",
                        "type": "string",
                        "description": "Keyword for **search** mode (matched against CVE descriptions), e.g. `wordpress`, `log4j`, `rce`."
                    },
                    "queries": {
                        "title": "Keywords (bulk mode)",
                        "type": "array",
                        "description": "Array of keywords for **bulk** mode.",
                        "items": {
                            "type": "string"
                        },
                        "default": []
                    },
                    "products": {
                        "title": "Products/packages (product mode)",
                        "type": "array",
                        "description": "Packages to query via OSV, as `ecosystem:package` e.g. `npm:express`, `pypi:django`, `maven:org.springframework:spring-core`. Also accepts bare names (auto-guessed ecosystem).",
                        "items": {
                            "type": "string"
                        },
                        "default": []
                    },
                    "sources": {
                        "title": "Sources",
                        "type": "array",
                        "description": "Which vulnerability databases to query. More = broader coverage + dedup across sources.",
                        "items": {
                            "type": "string"
                        },
                        "default": [
                            "nvd",
                            "githubAdvisory",
                            "osv"
                        ]
                    },
                    "maxResults": {
                        "title": "Max results",
                        "minimum": 1,
                        "maximum": 5000,
                        "type": "integer",
                        "description": "Cap on advisories saved per query/window.",
                        "default": 500
                    },
                    "minCvss": {
                        "title": "Min CVSS score",
                        "minimum": 0,
                        "maximum": 10,
                        "type": "number",
                        "description": "Only keep advisories with CVSS at or above this (0-10). 0 = all. 7 = High+ only.",
                        "default": 0
                    },
                    "useApifyProxy": {
                        "title": "Use Apify datacenter proxy",
                        "type": "boolean",
                        "description": "Route through Apify datacenter proxy (IP rotation). NVD and GitHub API rate-limit per IP without a key; rotation spreads the load.",
                        "default": true
                    },
                    "proxyGroups": {
                        "title": "Proxy groups (advanced)",
                        "type": "array",
                        "description": "Override group, e.g. `RESIDENTIAL`.",
                        "items": {
                            "type": "string"
                        },
                        "default": []
                    }
                }
            },
            "runsResponseSchema": {
                "type": "object",
                "properties": {
                    "data": {
                        "type": "object",
                        "properties": {
                            "id": {
                                "type": "string"
                            },
                            "actId": {
                                "type": "string"
                            },
                            "userId": {
                                "type": "string"
                            },
                            "startedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "finishedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "status": {
                                "type": "string",
                                "example": "READY"
                            },
                            "meta": {
                                "type": "object",
                                "properties": {
                                    "origin": {
                                        "type": "string",
                                        "example": "API"
                                    },
                                    "userAgent": {
                                        "type": "string"
                                    }
                                }
                            },
                            "stats": {
                                "type": "object",
                                "properties": {
                                    "inputBodyLen": {
                                        "type": "integer",
                                        "example": 2000
                                    },
                                    "rebootCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "restartCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "resurrectCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "computeUnits": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "options": {
                                "type": "object",
                                "properties": {
                                    "build": {
                                        "type": "string",
                                        "example": "latest"
                                    },
                                    "timeoutSecs": {
                                        "type": "integer",
                                        "example": 300
                                    },
                                    "memoryMbytes": {
                                        "type": "integer",
                                        "example": 1024
                                    },
                                    "diskMbytes": {
                                        "type": "integer",
                                        "example": 2048
                                    }
                                }
                            },
                            "buildId": {
                                "type": "string"
                            },
                            "defaultKeyValueStoreId": {
                                "type": "string"
                            },
                            "defaultDatasetId": {
                                "type": "string"
                            },
                            "defaultRequestQueueId": {
                                "type": "string"
                            },
                            "buildNumber": {
                                "type": "string",
                                "example": "1.0.0"
                            },
                            "containerUrl": {
                                "type": "string"
                            },
                            "usage": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "integer",
                                        "example": 1
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "usageTotalUsd": {
                                "type": "number",
                                "example": 0.00005
                            },
                            "usageUsd": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "number",
                                        "example": 0.00005
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
```
