Government Cybersecurity Vulnerability Intel
Real-time vulnerability intelligence from 4 authoritative sources — no API keys required.
Setup
Connect to the remote MCP server:
mcporter add gov-cyber --url https://cybersecurity-vuln-mcp.apify.actor/mcp --transport streamable-http
Or add directly to your OpenClaw MCP config (~/.openclaw/mcp.json):
{
"servers": {
"gov-cyber": {
"url": "https://cybersecurity-vuln-mcp.apify.actor/mcp",
"transport": "streamable-http"
}
}
}
Available Tools
vuln_lookup_cve
Look up a CVE by ID and get enriched intelligence from all 4 sources in a single call — NVD details (CVSS score, description, references), CISA KEV active exploitation status, EPSS exploitation probability, and MITRE ATT&CK techniques.
Look up CVE-2021-44228
Example output: CRITICAL 10.0, EPSS 94.4%, KEV=YES, ATT&CK: T1190/T1203/T1595.002
vuln_search
Search the NIST National Vulnerability Database by keyword, severity, and date range.
Search NVD for "apache log4j" critical vulnerabilities
Parameters: keyword, severity (LOW/MEDIUM/HIGH/CRITICAL), pubStartDate, pubEndDate, limit
vuln_kev_latest
Get recently added entries from the CISA Known Exploited Vulnerabilities catalog — confirmed actively exploited in the wild.
Show KEV entries added in the last 7 days
Parameters: days (1-365, default 7), limit
vuln_kev_due_soon
Get CISA KEV vulnerabilities with upcoming remediation deadlines. Federal agencies must patch by the due date.
Show KEV vulnerabilities due within 14 days
Parameters: days (1-90, default 14), limit
vuln_epss_top
Get CVEs with the highest EPSS exploitation probability scores. A score of 0.9 = 90% chance of exploitation in the next 30 days.
Show CVEs with EPSS score above 0.9
Parameters: threshold (0-1, default 0.5), limit
vuln_trending
Get recently published critical and high severity CVEs. Stay on top of emerging threats.
Show trending critical CVEs from the last 3 days
Parameters: days (1-30, default 3), severity, limit
vuln_by_vendor
Search CVEs for a specific vendor/product with KEV cross-referencing for actively exploited vulns.
Show Microsoft Windows vulnerabilities
Parameters: vendor (required), product (optional), limit
Data Sources
- NIST NVD 2.0 — National Vulnerability Database (CVE details, CVSS scores)
- CISA KEV — Known Exploited Vulnerabilities catalog
- FIRST.org EPSS — Exploitation Prediction Scoring System
- MITRE ATT&CK — Adversary techniques and tactics (172 CVEs mapped to 42 techniques)
Use Cases
- Vulnerability triage and prioritization
- Compliance tracking (CISA KEV deadlines)
- Vendor risk assessments
- Threat intelligence briefings
- Patch management decisions
All data from free US government APIs. Zero cost. No API keys required.