CISA KEV · EPSS · OSV

Real-time CVE & exploited-vulnerability API ground-truth for security agents.

What attackers are exploiting right now (CISA KEV + EPSS), whether a package is vulnerable (OSV), and the exact version that fixes it.

The call

Keyless over MCP, or one REST call with a free key. Every datapoint is provenance-stamped and citeable.

# REST (free key)
curl -H "X-API-Key: $KEY" "https://dynamicfeed.ai/exploited-vulnerabilities"

# MCP (keyless) — point any client at https://dynamicfeed.ai/mcp, then call:
exploited_vulnerabilities()  ·  check_vulnerability(package, version)

Sample response

{ "cve": "CVE-2026-1234", "product": "PAN-OS", "kev": true, "epss": 0.94,
  "fixed_version": "11.1.2", "observed_at": "2026-06-02T00:00:00Z" }

Why live data

AI now finds and exploits flaws at superhuman scale — but a defender's model can't know from training data what's being exploited today. This is the live feed of what to patch first, every entry citeable.

Use it for

FAQ

What sources back this?

CISA's Known-Exploited-Vulnerabilities catalog, FIRST's EPSS scores, the GitHub Advisory Database and OSV.dev — all commercially redistributable.

Can I check my own dependencies?

Yes — check_vulnerability takes a package + version and returns whether it's affected and the fixed version.

How fresh is it?

Each record carries an observation timestamp; the KEV/EPSS feeds update daily.

Related live feeds