exploited_vulnerabilities
ActiveTool of ai.dynamicfeed/dynamic-feed
Vulnerabilities CONFIRMED exploited in the wild — the CISA Known Exploited Vulnerabilities (KEV) catalog, each enriched with its EPSS exploitation-probability score (FIRST.org), plus a risk `summary`. The 'which CVEs actually matter right now' layer that pairs with security_advisories (disclosed CVEs) and check_vulnerability (is package@version affected). Args: query: match a CVE id / name / description. vendor: filter by vendor — accepts a COMMA LIST (e.g. "Microsoft, Cisco, Fortinet"), match ANY. product: filter by product — accepts a COMMA LIST (e.g. "Windows, PAN-OS"), match ANY. stack: a client's whole tech stack as a comma list (e.g. "Fortinet, Ivanti, Citrix, Apache"), matched against vendor OR product — returns exactly the actively-exploited CVEs affecting that stack: a live per-stack vulnerability watch (see the `summary` for the headline risk). ransomware_only: only CVEs linked to known ransomware campaigns. recent_days: only CVEs added to the KEV catalog in the last N days. sort: "recent" (newest catalogued first, default) or "risk" (highest EPSS first). limit: max results. Every value is returned in an Ed25519-signed, provenance-stamped envelope (source and observation time) you can verify offline against /.well-known/keys, no account required.
Parameters schema
{
"type": "object",
"title": "exploited_vulnerabilitiesArguments",
"properties": {
"sort": {
"type": "string",
"title": "Sort",
"default": "recent"
},
"limit": {
"type": "integer",
"title": "Limit",
"default": 25
},
"query": {
"type": "string",
"title": "Query",
"default": ""
},
"stack": {
"type": "string",
"title": "Stack",
"default": ""
},
"vendor": {
"type": "string",
"title": "Vendor",
"default": ""
},
"product": {
"type": "string",
"title": "Product",
"default": ""
},
"recent_days": {
"type": "integer",
"title": "Recent Days",
"default": 0
},
"ransomware_only": {
"type": "boolean",
"title": "Ransomware Only",
"default": false
}
}
}No endpoints wrapped at confidence ≥ 0.50.
Parent server
ai.dynamicfeed/dynamic-feed
1/7 registries