{"openapi":"3.0.3","info":{"title":"Gnist Context — NVD (National Vulnerability Database)","description":"Search the NIST National Vulnerability Database — CVE records with CVSS scores, CWE weaknesses, advisory references, affected products, and change history. 250K+ vulnerabilities from 1999 to present.\n\n- **MCP endpoint:** `https://context.gnist.ai/mcp/nvd/`\n- **Toolkit page:** `/toolkits/nvd`\n- **Full API spec:** `/api/openapi.json`\n- **Get an API key:** `/signup`","version":"1.0.0","contact":{"name":"GnistAI","url":"https://gnist.ai"}},"servers":[{"url":"https://context.gnist.ai","description":"Production"}],"paths":{"/rest/nvd/search_cves":{"post":{"tags":["Security"],"summary":"search_cves","description":"Search the NIST National Vulnerability Database for CVEs.\n\nQuery CVE records by keyword, severity, date range, or affected product.\nReturns vulnerability details including CVSS scores, CWE weaknesses,\nreferences, and affected products (CPE names).\n\nArgs:\n    keyword: Keyword to search in CVE descriptions.\n    cve_id: Specific CVE ID for exact match lookup.\n    severity: CVSS v3 severity filter: LOW, MEDIUM, HIGH, or CRITICAL.\n    pub_start_date: Filter CVEs published after this date (ISO 8601).\n    pub_end_date: Filter CVEs published before this date (ISO 8601).\n    cpe_name: CPE match string for affected product.\n    results_per_page: Maximum results (1-50, default 10).\n\nReturns:\n    Dict with 'source', 'count', 'total_results', and 'cves' list.\n    Each CVE includes id, description, CVSS scores, CWEs, and references.","operationId":"nvd_search_cves","responses":{"200":{"description":"Successful tool call","content":{"application/json":{"schema":{"type":"object"}}}},"404":{"description":"Server or tool not found"},"500":{"description":"Tool execution error"}},"security":[{"ApiKeyHeader":[]},{"ApiKeyQuery":[]}],"requestBody":{"required":false,"content":{"application/json":{"schema":{"additionalProperties":false,"properties":{"keyword":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"Keyword to search CVE descriptions (e.g. \"buffer overflow\", \"SQL injection\")."},"cve_id":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"Specific CVE ID (e.g. \"CVE-2024-0001\"). Returns exact match."},"severity":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"CVSS v3 severity: \"LOW\", \"MEDIUM\", \"HIGH\", or \"CRITICAL\"."},"pub_start_date":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"Start of publication date range (ISO 8601, e.g. \"2024-01-01T00:00:00.000\")."},"pub_end_date":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"End of publication date range (ISO 8601, e.g. \"2024-12-31T23:59:59.999\")."},"cpe_name":{"anyOf":[{"type":"string"},{"type":"null"}],"default":null,"description":"CPE match string for affected product (e.g. \"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\")."},"results_per_page":{"default":10,"description":"Maximum results to return (1-50, default 10).","type":"integer"}},"type":"object"}}}}}},"/rest/nvd/get_cve":{"post":{"tags":["Security"],"summary":"get_cve","description":"Get full details for a specific CVE from the National Vulnerability Database.\n\nReturns complete vulnerability information including CVSS scores from\nmultiple sources, CWE weakness classifications, advisory references,\nand affected product CPE names.\n\nArgs:\n    cve_id: CVE identifier (e.g. \"CVE-2021-44228\" for Log4Shell).\n\nReturns:\n    Dict with 'source' and 'cve' containing full vulnerability details,\n    or 'cve': None if the CVE ID is not found.","operationId":"nvd_get_cve","responses":{"200":{"description":"Successful tool call","content":{"application/json":{"schema":{"type":"object"}}}},"404":{"description":"Server or tool not found"},"500":{"description":"Tool execution error"}},"security":[{"ApiKeyHeader":[]},{"ApiKeyQuery":[]}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"additionalProperties":false,"properties":{"cve_id":{"description":"CVE identifier (e.g. \"CVE-2024-0001\", \"CVE-2021-44228\").","type":"string"}},"required":["cve_id"],"type":"object"}}}}}},"/rest/nvd/get_cve_history":{"post":{"tags":["Security"],"summary":"get_cve_history","description":"Get the change history for a specific CVE.\n\nShows how a CVE record has been modified over time, including initial\nanalysis, score changes, reference additions, and status updates.\nUseful for tracking how vulnerability assessments evolved.\n\nArgs:\n    cve_id: CVE identifier (e.g. \"CVE-2021-44228\").\n\nReturns:\n    Dict with 'source', 'count', and 'history' list. Each entry includes\n    event name, creation date, source, and change details.","operationId":"nvd_get_cve_history","responses":{"200":{"description":"Successful tool call","content":{"application/json":{"schema":{"type":"object"}}}},"404":{"description":"Server or tool not found"},"500":{"description":"Tool execution error"}},"security":[{"ApiKeyHeader":[]},{"ApiKeyQuery":[]}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"additionalProperties":false,"properties":{"cve_id":{"description":"CVE identifier (e.g. \"CVE-2024-0001\").","type":"string"}},"required":["cve_id"],"type":"object"}}}}}},"/rest/nvd/report_feedback":{"post":{"tags":["Security"],"summary":"report_feedback","description":"Report a bug, feature request, or general feedback for this data source.\n\nUse this when something doesn't work as expected, when you'd like\na new feature, or when you have suggestions for improvement.\n\nArgs:\n    feedback: Describe the issue or suggestion.\n    feedback_type: One of 'bug', 'feature_request', or 'general'.","operationId":"nvd_report_feedback","responses":{"200":{"description":"Successful tool call","content":{"application/json":{"schema":{"type":"object"}}}},"404":{"description":"Server or tool not found"},"500":{"description":"Tool execution error"}},"security":[{"ApiKeyHeader":[]},{"ApiKeyQuery":[]}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"additionalProperties":false,"properties":{"feedback":{"type":"string"},"feedback_type":{"default":"general","type":"string"}},"required":["feedback"],"type":"object"}}}}}}},"tags":[{"name":"Security","description":"Data sources: Security"}],"components":{"securitySchemes":{"ApiKeyHeader":{"type":"apiKey","in":"header","name":"gnist-api-key","description":"API key passed via request header."},"ApiKeyQuery":{"type":"apiKey","in":"query","name":"gnist_api_key","description":"API key passed via query parameter."}}}}