Zenolve Feeds
Security data

Android Security Bulletin CVE API

CVEs from the monthly Android Security Bulletin as structured JSON - CVE ID, vulnerability type, and severity.

Source: Android Open Source Project (Google)$0.005 / recordJSON · CSV · ExcelMCP tool for AI agents

What this feed does

Google publishes Android's monthly security bulletins as static HTML tables with no API. This feed scrapes a bulletin on demand and returns every CVE as structured JSON - ID, vulnerability type (RCE / EoP / ID / DoS), and severity.

Structured, not scraped-by-you

Clean JSON with stable field names - no HTML parsing, no selectors to maintain when the site changes.

Pay only for what you pull

No subscription. $0.005 per record via Apify's metered billing; a typical pull is cents.

Human + agent ready

Call it from cURL, Python, or JS - or hand it to an AI agent as an MCP tool.

Always the latest

Scraped from the official source on every run, so you never ship stale data.

What each record contains

Every result is a JSON object with these fields.

FieldTypeDescription
cvestringCVE identifier (e.g. CVE-2025-XXXXX).
typestringVulnerability type: RCE, EoP, ID, or DoS.
severitystringGoogle-assigned severity (Critical / High / Moderate).

Live sample

The most recent records, straight from the feed. Live sample - fetched at build time

cvetypeseverity
CVE-2025-26456DoSHigh
CVE-2025-26450EoPHigh
CVE-2025-26452EoPHigh
CVE-2025-26455EoPHigh
CVE-2025-26458EoPHigh
CVE-2025-26462EoPHigh
CVE-2025-32312EoPHigh
CVE-2025-26437IDHigh

Call it in one line

Runs the actor and returns the dataset. Swap in your Apify token.

cURL - one call, JSON back
curl "https://api.apify.com/v2/acts/zenolvepro~android-security-bulletin/run-sync-get-dataset-items?token=YOUR_APIFY_TOKEN"
Python
from apify_client import ApifyClient
client = ApifyClient("YOUR_APIFY_TOKEN")
run = client.actor("zenolvepro/android-security-bulletin").call()
for row in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(row)
JavaScript / Node
import { ApifyClient } from 'apify-client';
const client = new ApifyClient({ token: 'YOUR_APIFY_TOKEN' });
const run = await client.actor('zenolvepro/android-security-bulletin').call();
const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);
AI agents - Model Context Protocol (MCP)
https://mcp.apify.com?tools=zenolvepro/android-security-bulletin

Point any MCP-capable agent at this endpoint and the feed becomes a callable tool.

Who uses it

Mobile-security teams, MDM vendors, and vulnerability-management platforms use it for monitoring, benchmarking, alerting, and enrichment.

Pricing

$0.005per record returned · pay-per-result, no subscription

Billed through Apify. A tiny per-run start fee ($0.00005) applies. Only pay for records you actually pull.

FAQ

Is there an official Android bulletin API?
No - the bulletins are static HTML pages. This feed parses their CVE tables into JSON at $0.005 per record.
How do I pick the month?
The bulletin month is in the input URL (e.g. /bulletin/2025-06-01) - change it to pull any month.
What does each record include?
cve, type (RCE / EoP / ID / DoS), and severity as published by Google.
Why not just use the CVE database?
The bulletin adds Android-specific context - which component, type, and Google's severity - weeks before some entries are enriched elsewhere.
Can an AI agent call this directly?
Yes - exposed as an MCP tool for native agent calls.