search_cves
Search and triage CVEs using filters for risk score, EPSS, KEV catalog, exploit availability, and technology. Returns ranked results to prioritize vulnerabilities.
Instructions
Search the PatrowlIntel CVE feed with rich filters and return compact, ranked results. Use it to triage by risk (min_score / min_epss), surface KEV or exploited CVEs, or scope a vendor/technology. For the full record of one CVE, follow up with get_cve.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| sort | No | Ordering; default '-score' (most risky first). | -score |
| limit | No | Max results, 1-100. | |
| query | No | Free-text match on CVE id or summary. | |
| is_kev | No | Only CVEs in the CISA KEV catalog. | |
| min_epss | No | Minimum EPSS exploit probability (0-1). | |
| is_remote | No | Only remotely exploitable CVEs. | |
| min_score | No | Minimum Patrowl EASM risk score (0-1). | |
| technology | No | Vendor/product substring, e.g. 'Apache' or 'Fortinet FortiOS'. | |
| has_exploit | No | Only CVEs with at least one public exploit. | |
| published_to | No | ISO date upper bound on publication. | |
| published_from | No | ISO date lower bound on publication, e.g. 2026-01-01. |