Which exploited CVEs are in your stack right now?
A live watch of the vulnerabilities being exploited in the wild, for your exact tech stack. Pass your stack and get back precisely the CISA Known-Exploited-Vulnerabilities entries that affect it, ranked by EPSS exploitation probability and ransomware linkage, each one Ed25519-signed ground truth you can verify. Not a noisy CVE firehose, the few that are actually being exploited, today, in the software you named.
Scan a stack, live.
Type a comma-separated tech stack and we'll match it against the live CISA KEV catalog right now. This is the exact call a watch runs on a schedule, and that an AI agent runs per prospect.
try: Fortinet, Ivanti, Citrix · VMware, Microsoft, Apache · Cisco, Palo Alto, Juniper · Atlassian, GitLab, Jenkins
,
actively exploited (CISA KEV)
,
tied to known campaigns
,
EPSS ≥ 50%
,
,
Every result is Ed25519-signed, verify it on /proof. CISA KEV + FIRST.org EPSS.
Why a signed watch beats a CVE firehose.
There are ~250,000 published CVEs. The number being exploited in the wild is ~1,600, and only a handful touch any one stack. Dynamic Feed serves that exploited set (CISA's authoritative KEV catalog) enriched with EPSS (FIRST.org's modeled 30-day exploitation probability) and ransomware-campaign linkage, filtered to the stack you actually run. Every datapoint is Ed25519-signed and independently time-stamped by an accredited RFC 3161 authority, so an alert is verifiable ground truth, not an unattributable feed entry. It pairs with security_advisories (newly disclosed CVEs) and check_vulnerability (is package@version affected).
Quickstart. Keyless.
One call from anything that can POST JSON. Pass your stack; get the matched exploited CVEs + a risk summary.
curl -s https://dynamicfeed.ai/v1/batch \ -H "Content-Type: application/json" \ -d '{"calls":[{"tool":"exploited_vulnerabilities", "args":{"stack":"Fortinet, Ivanti, Citrix","sort":"risk","limit":10}}]}' # -> summary: { matched, ransomware_linked, high_epss_50pct_plus, highest_epss } # keyless over MCP too: npx -y dynamicfeed-mcp · verify: /.well-known/keys
Evidence, not a safety guarantee.
This is a signed, timestamped view of the public CISA KEV catalog matched to a stack you describe, proof-of-existence and tamper-evidence for each datapoint. It is not a vulnerability scanner, not a SIEM, and not a security guarantee: it does not inspect your systems or confirm exposure, and a match means a CVE in your stack's software is being exploited in the wild, not that you are compromised. Use it to prioritise and verify; your security team and tooling own remediation. The signature proves what the catalog said at a time, not the completeness of your security posture.
Fully automated. Run by AI, end to end.
No sales calls and no waiting. Mint a key and you are live in seconds, on any tier.