# NVD CVE Tracker by Vendor, Product, Severity (`v0iddo/nvd-cve-tracker`) Actor Pull new/modified CVEs from NIST NVD. Filter by vendor/product (CPE), severity, CWE, keyword. One row per CVE — id, description, CVSS v3 score, vector, CWEs, affected CPEs, refs. AppSec cron watchlist. NIST NVD REST 2.0 (free, no auth). - **URL**: https://apify.com/v0iddo/nvd-cve-tracker.md - **Developed by:** [vøiddo](https://apify.com/v0iddo) (community) - **Categories:** Business, News - **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks - **User rating**: No ratings yet ## Pricing $2.00 / 1,000 cve extracteds This Actor is paid per event. You are not charged for the Apify platform usage, but only a fixed price for specific events. Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-event ## What's an Apify Actor? Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases. In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours, and optionally produces a well-defined JSON output, datasets with results, or files in key-value store. In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server. Actors are written with capital "A". ## How to integrate an Actor? If asked about integration, you help developers integrate Actors into their projects. You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready. The best way to integrate Actors is as follows. In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md): ```bash npm install apify-client ``` In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md): ```bash pip install apify-client ``` In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md): ````bash # MacOS / Linux curl -fsSL https://apify.com/install-cli.sh | bash # Windows irm https://apify.com/install-cli.ps1 | iex ```bash In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md). If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md). For usage examples, see the [API](#api) section below. For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt). # README ## NVD CVE Tracker — by Vendor, Product, Severity Pull newly-published or newly-modified CVEs from **NIST NVD**. Filter by vendor/product (CPE 2.3), severity, CWE, or keyword. One clean row per CVE — id, description, CVSS v3 score & vector, CWEs, affected CPEs, references, NVD URL. Built **for cron**: pass `sinceDays: 1` for a daily AppSec watchlist of your tech stack. ### Inputs ```json { "keywords": ["openssl", "cisco asa"], "cpeFilters": ["cpe:2.3:a:apache:*:*:*:*:*:*:*:*:*"], "severityFilters": ["HIGH", "CRITICAL"], "sinceDays": 7, "maxResultsPerQuery": 200 } ```` | input | default | notes | |---|---|---| | `keywords` | — | Free-text searches over CVE descriptions. Each is a separate query. | | `cpeFilters` | — | CPE 2.3 match strings (wildcards allowed). Each is a separate query. | | `severityFilters` | all | Limit to `LOW`, `MEDIUM`, `HIGH`, `CRITICAL` (CVSS v3). | | `cweId` | — | Optional CWE filter (e.g. `CWE-89`). | | `sinceDays` | `7` | `lastModified >= now - sinceDays`. NVD max window is 120 days. | | `maxResultsPerQuery` | `200` | Cap per keyword/CPE query. NVD page size up to 2000. | | `apiKey` | — | Optional NVD API key — boosts rate from 5/30s to 50/30s. | ### Output One row per CVE (deduplicated across keyword/CPE queries): | field | example | |---|---| | cveId | `CVE-2026-12345` | | published | `2026-05-30T14:00:00.000` | | lastModified | `2026-06-01T09:12:33.140` | | vulnStatus | `Analyzed`, `Modified`, `Awaiting Analysis` | | description | `In Apache HTTP Server <2.4.62, ...` | | cvssV3Version | `3.1` | | cvssV3BaseScore | `9.1` | | cvssV3Severity | `CRITICAL` | | cvssV3VectorString | `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` | | exploitabilityScore | `3.9` | | impactScore | `5.9` | | cwes | `["CWE-119", "CWE-787"]` | | affectedCpes | `["cpe:2.3:a:apache:http_server:2.4.61:*:*:*:*:*:*:*"]` | | references | `["https://www.openssl.org/news/secadv/20260530.txt", ...]` | | nvdUrl | `https://nvd.nist.gov/vuln/detail/CVE-2026-12345` | | queryOrigin | `kw=openssl sev=CRITICAL` | ### Daily cron pattern ```json { "cpeFilters": [ "cpe:2.3:a:apache:*:*:*:*:*:*:*:*:*", "cpe:2.3:a:nginx:*:*:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "severityFilters": ["HIGH", "CRITICAL"], "sinceDays": 1 } ``` ### Real-world questions this answers - **AppSec triage.** Daily firehose of HIGH+CRITICAL CVEs affecting our stack. - **Vendor watch.** Anything new from Cisco / Microsoft / Red Hat? - **Supply-chain audit.** New CVEs in a CPE-matched component. - **Vulnerability research.** Filter by CWE for class-specific datasets. ### What it doesn't do - No EPSS / KEV enrichment yet (those are separate FIRST.org / CISA feeds; planned). - No vendor advisory PDFs — just NVD-stored references. - No exploit-availability flag (NVD doesn't expose `exploit-db` mapping reliably). ### Maintained by [vøiddo studio](https://voiddo.com) — small independent shop. # Actor input Schema ## `keywords` (type: `array`): Free-text searches over CVE descriptions. Each keyword is a separate query — results union'd. Example: \["openssl", "cisco asa"]. Leave empty if filtering by CPE only. ## `cpeFilters` (type: `array`): Match CVEs against CPE 2.3 strings (with wildcards). Example: \["cpe:2.3:a:apache:*:*:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:\*"]. Each is a separate query. ## `severityFilters` (type: `array`): Limit to CVEs with CVSS v3 severity in this set. Empty = all. ## `cweId` (type: `string`): Optional CWE filter, e.g. "CWE-89" for SQL injection. Single value. ## `sinceDays` (type: `integer`): Pull CVEs whose lastModified date is in the last N days (NVD treats new publications + score revisions equivalently). Max NVD window per request is 120 days. ## `maxResultsPerQuery` (type: `integer`): Hard cap per query. NVD page size is 2000. ## `apiKey` (type: `string`): Optional NVD API key from nvd.nist.gov/developers/request-an-api-key. Without it, NVD throttles at 5 req/30s; with it, 50 req/30s. Leave blank if you don't have one. ## Actor input object example ```json { "keywords": [], "cpeFilters": [], "severityFilters": [], "cweId": "", "sinceDays": 7, "maxResultsPerQuery": 200 } ``` # API You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup. ## JavaScript example ```javascript import { ApifyClient } from 'apify-client'; // Initialize the ApifyClient with your Apify API token // Replace the '' with your token const client = new ApifyClient({ token: '', }); // Prepare Actor input const input = {}; // Run the Actor and wait for it to finish const run = await client.actor("v0iddo/nvd-cve-tracker").call(input); // Fetch and print Actor results from the run's dataset (if any) console.log('Results from dataset'); console.log(`💾 Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`); const { items } = await client.dataset(run.defaultDatasetId).listItems(); items.forEach((item) => { console.dir(item); }); // 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/js/docs ``` ## Python example ```python from apify_client import ApifyClient # Initialize the ApifyClient with your Apify API token # Replace '' with your token. client = ApifyClient("") # Prepare the Actor input run_input = {} # Run the Actor and wait for it to finish run = client.actor("v0iddo/nvd-cve-tracker").call(run_input=run_input) # Fetch and print Actor results from the run's dataset (if there are any) print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"]) for item in client.dataset(run["defaultDatasetId"]).iterate_items(): print(item) # 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start ``` ## CLI example ```bash echo '{}' | apify call v0iddo/nvd-cve-tracker --silent --output-dataset ``` ## MCP server setup ```json { "mcpServers": { "apify": { "command": "npx", "args": [ "mcp-remote", "https://mcp.apify.com/?tools=v0iddo/nvd-cve-tracker", "--header", "Authorization: Bearer " ] } } } ``` ## OpenAPI specification ```json { "openapi": "3.0.1", "info": { "title": "NVD CVE Tracker by Vendor, Product, Severity", "description": "Pull new/modified CVEs from NIST NVD. Filter by vendor/product (CPE), severity, CWE, keyword. One row per CVE — id, description, CVSS v3 score, vector, CWEs, affected CPEs, refs. AppSec cron watchlist. NIST NVD REST 2.0 (free, no auth).", "version": "0.1", "x-build-id": "jc312wG1Wmli4ekfd" }, "servers": [ { "url": "https://api.apify.com/v2" } ], "paths": { "/acts/v0iddo~nvd-cve-tracker/run-sync-get-dataset-items": { "post": { "operationId": "run-sync-get-dataset-items-v0iddo-nvd-cve-tracker", "x-openai-isConsequential": false, "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.", "tags": [ "Run Actor" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/inputSchema" } } } }, "parameters": [ { "name": "token", "in": "query", "required": true, "schema": { "type": "string" }, "description": "Enter your Apify token here" } ], "responses": { "200": { "description": "OK" } } } }, "/acts/v0iddo~nvd-cve-tracker/runs": { "post": { "operationId": "runs-sync-v0iddo-nvd-cve-tracker", "x-openai-isConsequential": false, "summary": "Executes an Actor and returns information about the initiated run in response.", "tags": [ "Run Actor" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/inputSchema" } } } }, "parameters": [ { "name": "token", "in": "query", "required": true, "schema": { "type": "string" }, "description": "Enter your Apify token here" } ], "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/runsResponseSchema" } } } } } } }, "/acts/v0iddo~nvd-cve-tracker/run-sync": { "post": { "operationId": "run-sync-v0iddo-nvd-cve-tracker", "x-openai-isConsequential": false, "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.", "tags": [ "Run Actor" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/inputSchema" } } } }, "parameters": [ { "name": "token", "in": "query", "required": true, "schema": { "type": "string" }, "description": "Enter your Apify token here" } ], "responses": { "200": { "description": "OK" } } } } }, "components": { "schemas": { "inputSchema": { "type": "object", "properties": { "keywords": { "title": "Keyword filters", "type": "array", "description": "Free-text searches over CVE descriptions. Each keyword is a separate query — results union'd. Example: [\"openssl\", \"cisco asa\"]. Leave empty if filtering by CPE only.", "default": [], "items": { "type": "string" } }, "cpeFilters": { "title": "CPE filters (vendor/product)", "type": "array", "description": "Match CVEs against CPE 2.3 strings (with wildcards). Example: [\"cpe:2.3:a:apache:*:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*\"]. Each is a separate query.", "default": [], "items": { "type": "string" } }, "severityFilters": { "title": "Severity", "uniqueItems": true, "type": "array", "description": "Limit to CVEs with CVSS v3 severity in this set. Empty = all.", "items": { "type": "string", "enum": [ "LOW", "MEDIUM", "HIGH", "CRITICAL" ] }, "default": [] }, "cweId": { "title": "CWE ID", "type": "string", "description": "Optional CWE filter, e.g. \"CWE-89\" for SQL injection. Single value.", "default": "" }, "sinceDays": { "title": "Look back (days, by lastModified)", "minimum": 1, "maximum": 120, "type": "integer", "description": "Pull CVEs whose lastModified date is in the last N days (NVD treats new publications + score revisions equivalently). Max NVD window per request is 120 days.", "default": 7 }, "maxResultsPerQuery": { "title": "Max results per keyword/CPE query", "minimum": 1, "maximum": 10000, "type": "integer", "description": "Hard cap per query. NVD page size is 2000.", "default": 200 }, "apiKey": { "title": "NVD API key (optional)", "type": "string", "description": "Optional NVD API key from nvd.nist.gov/developers/request-an-api-key. Without it, NVD throttles at 5 req/30s; with it, 50 req/30s. Leave blank if you don't have one." } } }, "runsResponseSchema": { "type": "object", "properties": { "data": { "type": "object", "properties": { "id": { "type": "string" }, "actId": { "type": "string" }, "userId": { "type": "string" }, "startedAt": { "type": "string", "format": "date-time", "example": "2025-01-08T00:00:00.000Z" }, "finishedAt": { "type": "string", "format": "date-time", "example": "2025-01-08T00:00:00.000Z" }, "status": { "type": "string", "example": "READY" }, "meta": { "type": "object", "properties": { "origin": { "type": "string", "example": "API" }, "userAgent": { "type": "string" } } }, "stats": { "type": "object", "properties": { "inputBodyLen": { "type": "integer", "example": 2000 }, "rebootCount": { "type": "integer", "example": 0 }, "restartCount": { "type": "integer", "example": 0 }, "resurrectCount": { "type": "integer", "example": 0 }, "computeUnits": { "type": "integer", "example": 0 } } }, "options": { "type": "object", "properties": { "build": { "type": "string", "example": "latest" }, "timeoutSecs": { "type": "integer", "example": 300 }, "memoryMbytes": { "type": "integer", "example": 1024 }, "diskMbytes": { "type": "integer", "example": 2048 } } }, "buildId": { "type": "string" }, "defaultKeyValueStoreId": { "type": "string" }, "defaultDatasetId": { "type": "string" }, "defaultRequestQueueId": { "type": "string" }, "buildNumber": { "type": "string", "example": "1.0.0" }, "containerUrl": { "type": "string" }, "usage": { "type": "object", "properties": { "ACTOR_COMPUTE_UNITS": { "type": "integer", "example": 0 }, "DATASET_READS": { "type": "integer", "example": 0 }, "DATASET_WRITES": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_READS": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_WRITES": { "type": "integer", "example": 1 }, "KEY_VALUE_STORE_LISTS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_READS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_WRITES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_INTERNAL_GBYTES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_EXTERNAL_GBYTES": { "type": "integer", "example": 0 }, "PROXY_RESIDENTIAL_TRANSFER_GBYTES": { "type": "integer", "example": 0 }, "PROXY_SERPS": { "type": "integer", "example": 0 } } }, "usageTotalUsd": { "type": "number", "example": 0.00005 }, "usageUsd": { "type": "object", "properties": { "ACTOR_COMPUTE_UNITS": { "type": "integer", "example": 0 }, "DATASET_READS": { "type": "integer", "example": 0 }, "DATASET_WRITES": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_READS": { "type": "integer", "example": 0 }, "KEY_VALUE_STORE_WRITES": { "type": "number", "example": 0.00005 }, "KEY_VALUE_STORE_LISTS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_READS": { "type": "integer", "example": 0 }, "REQUEST_QUEUE_WRITES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_INTERNAL_GBYTES": { "type": "integer", "example": 0 }, "DATA_TRANSFER_EXTERNAL_GBYTES": { "type": "integer", "example": 0 }, "PROXY_RESIDENTIAL_TRANSFER_GBYTES": { "type": "integer", "example": 0 }, "PROXY_SERPS": { "type": "integer", "example": 0 } } } } } } } } } } ```