CERT/CC Vulnerability Notes API
CERT/CC coordinated vulnerability disclosures as structured JSON - VU# ID, title, publish and update dates.
What this feed does
CERT/CC's Vulnerability Notes are high-signal, multi-vendor disclosures - and since CERT deprecated its public data archive for the gated VINCE API, the public listing page is the only open feed. This feed returns it as structured JSON.
Structured, not scraped-by-you
Clean JSON with stable field names - no HTML parsing, no selectors to maintain when the site changes.
Pay only for what you pull
No subscription. $0.01 per record via Apify's metered billing; a typical pull is cents.
Human + agent ready
Call it from cURL, Python, or JS - or hand it to an AI agent as an MCP tool.
Always the latest
Scraped from the official source on every run, so you never ship stale data.
What each record contains
Every result is a JSON object with these fields.
| Field | Type | Description |
|---|---|---|
vu_id | string | CERT VU# identifier. |
title | string | Vulnerability note title. |
published | string | Date the note was first published. |
updated | string | Date the note was last updated. |
detail_url | string, URL | Direct link to the full note on kb.cert.org. |
Live sample
The most recent records, straight from the feed. Live sample - fetched at build time
| title | vu_id | published | updated |
|---|---|---|---|
| Privilege escalation vulnerability via unprotected IOCTL interface in Pegatron Tdelo64.sys | VU#529388 | 15 Jul 2026 | 15 Jul 2026 |
| node-forge Signature Forgery Vulnerabilities in RSA-PKCS and ED25519 Implementations | VU#725167 | 15 Jul 2026 | 15 Jul 2026 |
| GNU Wget enables SSRF via unvalidated FTP PASV IPs | VU#564823 | 10 Jul 2026 | 10 Jul 2026 |
| PayRange Android app version 7.0.7 contains multiple vulnerabilities | VU#152953 | 09 Jul 2026 | 09 Jul 2026 |
| Xerte Online Toolkit contains an authentication bypass that allows for RCE | VU#734812 | 09 Jul 2026 | 09 Jul 2026 |
| Adalo Database API Enables Cross-App User Data Extraction via Over-Fetching and Missing Authorization Controls | VU#849433 | 08 Jul 2026 | 08 Jul 2026 |
| Tenda firmware (multiple versions) contains hidden authentication backdoor | VU#213560 | 06 Jul 2026 | 06 Jul 2026 |
| HP Deskjet 2800 Printer Series Webservers contain Missing Authorization Vulnerability | VU#828543 | 06 Jul 2026 | 06 Jul 2026 |
Call it in one line
Runs the actor and returns the dataset. Swap in your Apify token.
curl "https://api.apify.com/v2/acts/zenolvepro~cert-cc-vulnerability-notes/run-sync-get-dataset-items?token=YOUR_APIFY_TOKEN"
from apify_client import ApifyClient
client = ApifyClient("YOUR_APIFY_TOKEN")
run = client.actor("zenolvepro/cert-cc-vulnerability-notes").call()
for row in client.dataset(run["defaultDatasetId"]).iterate_items():
print(row)import { ApifyClient } from 'apify-client';
const client = new ApifyClient({ token: 'YOUR_APIFY_TOKEN' });
const run = await client.actor('zenolvepro/cert-cc-vulnerability-notes').call();
const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);https://mcp.apify.com?tools=zenolvepro/cert-cc-vulnerability-notes
Point any MCP-capable agent at this endpoint and the feed becomes a callable tool.
Who uses it
SOC, vulnerability-management, threat-intel, and PSIRT teams use it for monitoring, benchmarking, alerting, and enrichment.
Pricing
Billed through Apify. A tiny per-run start fee ($0.00005) applies. Only pay for records you actually pull.