get_kev_cves
Retrieve Known Exploited Vulnerabilities (KEV) from CISA to identify actively exploited security flaws for threat intelligence and cybersecurity research.
Instructions
Get Known Exploited Vulnerabilities (KEV) from CISA
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | Maximum number of results to return (default: 10) |
Implementation Reference
- src/index.ts:1948-1967 (handler)Handler logic for the 'get_kev_cves' tool. Extracts the optional 'limit' parameter, calls the CVEDB client's getKevCves method, and returns the JSON-formatted response as MCP content.case "get_kev_cves": { const limit = request.params.arguments?.limit ? Number(request.params.arguments.limit) : 10; try { const kevCves = await cvedbClient.getKevCves(limit); return { content: [{ type: "text", text: JSON.stringify(kevCves, null, 2) }] }; } catch (error) { if (error instanceof McpError) { throw error; } throw new McpError( ErrorCode.InternalError, `Error getting KEV CVEs: ${(error as Error).message}` ); }
- src/index.ts:1252-1263 (schema)Tool definition including name, description, and input schema in the ListTools response.{ name: "get_kev_cves", description: "Get Known Exploited Vulnerabilities (KEV) from CISA", inputSchema: { type: "object", properties: { limit: { type: "number", description: "Maximum number of results to return (default: 10)" } } }
- src/index.ts:767-782 (helper)Supporting method in CVEDBClient class that makes the API call to retrieve KEV CVEs from https://cvedb.shodan.io/cves?is_kev=true with optional limit.*/ async getKevCves(limit: number = 10): Promise<any> { try { const response = await this.axiosInstance.get("/cves", { params: { is_kev: true, limit } }); return response.data; } catch (error: unknown) { if (axios.isAxiosError(error)) { throw new McpError( ErrorCode.InternalError, `CVEDB API error: ${error.response?.data?.error || error.message}` ); } throw error; }