Real-time CVE & exploited-vulnerability API ground-truth for security agents.
What attackers are exploiting right now (CISA KEV + EPSS), whether a package is vulnerable (OSV), and the exact version that fixes it.
The call
Keyless over MCP, or one REST call with a free key. Every datapoint is provenance-stamped and citeable.
# REST (free key)
curl -H "X-API-Key: $KEY" "https://dynamicfeed.ai/exploited-vulnerabilities"
# MCP (keyless) — point any client at https://dynamicfeed.ai/mcp, then call:
exploited_vulnerabilities() · check_vulnerability(package, version)
Sample response
{ "cve": "CVE-2026-1234", "product": "PAN-OS", "kev": true, "epss": 0.94,
"fixed_version": "11.1.2", "observed_at": "2026-06-02T00:00:00Z" }
Why live data
AI now finds and exploits flaws at superhuman scale — but a defender's model can't know from training data what's being exploited today. This is the live feed of what to patch first, every entry citeable.
Use it for
- Ground a security agent in what's actively exploited right now
- Answer 'is package@version vulnerable, and what fixes it?'
- Prioritise patching by real-world exploitation (EPSS), not CVSS alone
FAQ
What sources back this?
CISA's Known-Exploited-Vulnerabilities catalog, FIRST's EPSS scores, the GitHub Advisory Database and OSV.dev — all commercially redistributable.
Can I check my own dependencies?
Yes — check_vulnerability takes a package + version and returns whether it's affected and the fixed version.
How fresh is it?
Each record carries an observation timestamp; the KEV/EPSS feeds update daily.