Plug exploited-vulnerability intelligence into your workflow
Automation-ready delivery for vulnerability management, CTI, SOC, and MSSP workflows. Pro API for enrichment and telemetry; RSS and JSON for monitoring.
Pro API
JSON access to enriched KEV records, confidence scoring, sensor telemetry, PoCs, scanner integrations, mentions, tags, and IoCs.
View API DocsRSS Feed
Real-time exploited-vulnerability updates for monitoring and automation. CISA KEV does not provide RSS — KEVIntel does.
Subscribe to RSSJSON Feed
Free public API for basic KEV monitoring and research integrations. Enrichment and telemetry require Pro API access.
Browse JSON FeedWebhooks
Push high-priority exploitation updates into Slack, ticketing, or orchestration tools.
SIEM / SOAR
Enrich detections and cases with exploitation status, confidence, telemetry, and artifact context via Pro API.
View API DocsMSSP Reporting
Client-ready exploitation summaries and evidence-backed outputs for service providers.
Free vs Pro Delivery
The free JSON and RSS feeds expose the exploited CVE catalog with summary fields. Pro API adds operational enrichment and immediate sensor telemetry.
| Capability | Free (JSON / RSS) | Pro API |
|---|---|---|
| Exploited CVE catalog | Yes | Yes |
| Confidence scoring | Web UI only | Yes |
| Sensor telemetry | Web UI (30d window) | Immediate API access |
| Full CVSS breakdown | Summary fields | Yes |
| PoCs and private PoCs | Public web UI only | Yes |
| Scanner integrations | Web UI | Yes |
| Mentions, tags, IoCs | Web UI | Yes |
| CSV export | Not offered | Not offered |
Pro API Example Fields
Representative enriched fields available via GET /api/v1/pro/kevs — not exposed on the free public feed.
{
"cve_id": "CVE-2024-1234",
"title": "...",
"affected_vendor": "...",
"affected_product": "...",
"description": "...",
"references": ["..."],
"cvss_score": 9.8,
"cvss_v3_1": { "base_score": 9.8, "vector": "..." },
"epss_score": 0.95,
"exploit_status": { "exploited_in_the_wild": true },
"cwes": [{ "cwe_id": "CWE-79", "name": "..." }],
"tags": [{ "name": "wordpress", "colour": "#FF5733" }],
"proof_of_concepts": [{ "poc_type": "github", "title": "...", "private": false }],
"scanner_integrations": [{ "scanner": "Nuclei", "plugin_id": "..." }],
"mentions": [{ "source": "...", "url": "...", "date": "..." }],
"iocs": [{ "ioc_type": "ip", "value": "...", "first_seen_at": "..." }],
"primary_source": { "name": "CISA", "url": "..." },
"all_sources": [{ "name": "...", "url": "..." }]
}Sensor telemetry, confidence scoring, and per-observation fields are available on Pro CVE endpoints and related Pro API resources. See the API docs for the full schema.