Skip to main content
Glama

Mallory MCP Server

Official
by malloryai

get_vulnerability_exploitations

Retrieve active exploitation data for a specific vulnerability to assess risk, prioritize remediation, and inform incident response. Input a CVE ID or UUID to access timestamps, detection methods, and exploitation frequency.

Instructions

Get exploitation data for a specific vulnerability

Use this tool when you need to determine if a vulnerability has been actively exploited in the wild. This information is critical for risk assessment, incident response, and prioritization of remediation efforts. Exploitation data can help you:

  • Validate that a vulnerability is being actively used by threat actors

  • Understand when exploitation began and if it's ongoing

  • Identify which detection mechanisms observed the exploitation

  • Determine the frequency or prevalence of exploitation (count)

  • Make data-driven decisions about patching priorities

Args: identifier (str): The unique CVE ID or UUID of the vulnerability to retrieve. Example formats: "CVE-2023-1234" or "123e4567-e89b-12d3-a456-426614174000"

Returns: Dict[str, Any]: List of exploitation records for the specified vulnerability, where each record contains: - uuid: Unique identifier for this exploitation record - begins_at: Timestamp when exploitation was first observed - ends_at: Timestamp when exploitation activity ended - count: Number of exploitation occurrences detected - created_at: Timestamp when this record was first added - updated_at: Timestamp when this record was last modified - detection_signature_uuid: UUID of the signature that detected this exploitation - detection_signature_name: Name of the detection signature - detection_signature_source: Source of the detection (e.g., "cisa_kev") - detection_signature_method: Method used for detection (e.g., "manual")

An empty list indicates no known exploitation events for this vulnerability.

Input Schema

NameRequiredDescriptionDefault
identifierYes

Input Schema (JSON Schema)

{ "properties": { "identifier": { "title": "Identifier", "type": "string" } }, "required": [ "identifier" ], "title": "get_vulnerability_exploitationsArguments", "type": "object" }

Other Tools from Mallory MCP Server

Related Tools

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/malloryai/mallory-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server