GnistAI GnistAI
Log in

NVD (National Vulnerability Database)

Search the NIST National Vulnerability Database — CVE records with CVSS scores, CWE weaknesses, advisory references, affected products, and change history. 250K+ vulnerabilities from 1999 to present.

Overview   |   MCP   |   REST API   |   OpenAPI   |   CLI   |   Tutorial   |   Toolkits   |   Home
status: healthy status status healthy healthy tools: 4 tools tools 4 4 type: api wrapper type type api wrapper api wrapper lifecycle: maintained lifecycle lifecycle maintained maintained Security

Data source: NIST NVD 2.0 API (nvd.nist.gov)

MCP Endpoint (Streamable HTTP) https://context.gnist.ai/mcp/nvd/
Authentication

All requests require a Gnist-API-Key header (or api_key query parameter).

Free tier: 100 calls/day. Get your API key.

Tools (4)

search_cves

Search the NIST National Vulnerability Database for CVEs.

Query CVE records by keyword, severity, date range, or affected product.
Returns vulnerability details including CVSS scores, CWE weaknesses,
references, and affected products (CPE names).

Args:
keyword: Keyword to search in CVE descriptions.
cve_id: Specific CVE ID for exact match lookup.
severity: CVSS v3 severity filter: LOW, MEDIUM, HIGH, or CRITICAL.
pub_start_date: Filter CVEs published after this date (ISO 8601).
pub_end_date: Filter CVEs published before this date (ISO 8601).
cpe_name: CPE match string for affected product.
results_per_page: Maximum results (1-50, default 10).

Returns:
Dict with 'source', 'count', 'total_results', and 'cves' list.
Each CVE includes id, description, CVSS scores, CWEs, and references.

ParameterTypeRequiredDescription
keywordanyoptionalKeyword to search CVE descriptions (e.g. "buffer overflow", "SQL injection").
cve_idanyoptionalSpecific CVE ID (e.g. "CVE-2024-0001"). Returns exact match.
severityanyoptionalCVSS v3 severity: "LOW", "MEDIUM", "HIGH", or "CRITICAL".
pub_start_dateanyoptionalStart of publication date range (ISO 8601, e.g. "2024-01-01T00:00:00.000").
pub_end_dateanyoptionalEnd of publication date range (ISO 8601, e.g. "2024-12-31T23:59:59.999").
cpe_nameanyoptionalCPE match string for affected product (e.g. "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*").
results_per_pageintegeroptionalMaximum results to return (1-50, default 10). (default: 10)
JSON-RPC Request
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 1,
  "params": {
    "name": "search_cves",
    "arguments": {}
  }
}
get_cve

Get full details for a specific CVE from the National Vulnerability Database.

Returns complete vulnerability information including CVSS scores from
multiple sources, CWE weakness classifications, advisory references,
and affected product CPE names.

Args:
cve_id: CVE identifier (e.g. "CVE-2021-44228" for Log4Shell).

Returns:
Dict with 'source' and 'cve' containing full vulnerability details,
or 'cve': None if the CVE ID is not found.

ParameterTypeRequiredDescription
cve_idstringrequiredCVE identifier (e.g. "CVE-2024-0001", "CVE-2021-44228").
JSON-RPC Request
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 1,
  "params": {
    "name": "get_cve",
    "arguments": {
      "cve_id": "example"
    }
  }
}
get_cve_history

Get the change history for a specific CVE.

Shows how a CVE record has been modified over time, including initial
analysis, score changes, reference additions, and status updates.
Useful for tracking how vulnerability assessments evolved.

Args:
cve_id: CVE identifier (e.g. "CVE-2021-44228").

Returns:
Dict with 'source', 'count', and 'history' list. Each entry includes
event name, creation date, source, and change details.

ParameterTypeRequiredDescription
cve_idstringrequiredCVE identifier (e.g. "CVE-2024-0001").
JSON-RPC Request
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 1,
  "params": {
    "name": "get_cve_history",
    "arguments": {
      "cve_id": "example"
    }
  }
}
report_feedback

Report a bug, feature request, or general feedback for this data source.

Use this when something doesn't work as expected, when you'd like
a new feature, or when you have suggestions for improvement.

Args:
feedback: Describe the issue or suggestion.
feedback_type: One of 'bug', 'feature_request', or 'general'.

ParameterTypeRequiredDescription
feedbackstringrequired
feedback_typestringoptional (default: "general")
JSON-RPC Request
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 1,
  "params": {
    "name": "report_feedback",
    "arguments": {
      "feedback": "example"
    }
  }
}

Quick Start

Shell 
curl -X POST "https://context.gnist.ai/mcp/nvd/" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json, text/event-stream" \
  -H "Gnist-API-Key: YOUR_API_KEY" \
  -d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "get_cve", "arguments": {"cve_id": "example"}}}'
Python 
import httpx

resp = httpx.post(
    "https://context.gnist.ai/mcp/nvd/",
    headers={"Gnist-API-Key": "YOUR_API_KEY", "Content-Type": "application/json"},
    json={
  "jsonrpc": "2.0",
  "method": "tools/call",
  "id": 1,
  "params": {
    "name": "get_cve",
    "arguments": {
      "cve_id": "example"
    }
  }
},
)
print(resp.json())

Related Toolkits (Security)

IODA (Internet Outage Detection)
Internet outage detection and analysis — real-time alerts, processed events, aggregated summaries, and time-series signa
Cyber Intelligence
Unified cyber intelligence — domain investigation (WHOIS + DNS), CVE vulnerability search (NVD), and internet outage mon

Resources

Toolkit Overview
Landing page with health status and quick start.
Tool Schemas (JSON)
Full input/output JSON schemas for all tools.
Developer Quickstart
Get from zero to your first API call in under two minutes.
Get an API Key
Free tier: 100 calls/day. No credit card required.