Coalition · Capability

Coalition Exploit Scoring System — Vulnerability Intelligence

Coalition ESS capability covering 7 read-only operations against the public Coalition Exploit Scoring System API. Lead operation: List CVEs. Composes CVE search, single-CVE detail, ESS score history, ExploitDB and Metasploit exploit references, GitHub repository signals, and Twitter mention timelines into one self-contained vulnerability-intelligence capability.

Coalition Exploit Scoring System — Vulnerability Intelligence is a Naftiko capability published by Coalition on the APIs.io network. It bundles 7 operations across the GET method rooted at /v1/cve.

The capability includes 7 read-only operations. Lead operation: List CVEs from Coalition Exploit Scoring System. Can be deployed as a REST endpoint, MCP tool, or Agent Skill via Naftiko.

Tagged areas include Coalition, Cybersecurity, Vulnerability, CVE, and Threat Intelligence.

Run with Naftiko CoalitionCybersecurityVulnerabilityCVEThreat Intelligence

What You Can Do

GET
Listcves — List CVEs
/v1/cve
GET
Getcve — Get CVE
/v1/cve/{cve_id}
GET
Getesshistory — Get CVE ESS History
/v1/cve/{cve_id}/history
GET
Listexploitdb — List ExploitDB Exploits For CVE
/v1/cve/{cve_id}/exploits/exploitdb
GET
Listmetasploit — List Metasploit Modules For CVE
/v1/cve/{cve_id}/exploits/metasploit
GET
Listtwitter — List Twitter Mentions For CVE
/v1/cve/{cve_id}/mentions/twitter
GET
Listgithub — List GitHub Repositories Mentioning CVE
/v1/cve/{cve_id}/repositories/github

MCP Tools

list-cves

List CVEs from Coalition Exploit Scoring System

read-only idempotent
get-cve

Get a single CVE detail

read-only idempotent
get-cve-ess-history

Get historical ESS score changes for a CVE

read-only idempotent
list-exploitdb-exploits-for-cve

List ExploitDB exploits referencing a CVE

read-only idempotent
list-metasploit-modules-for-cve

List Metasploit modules referencing a CVE

read-only idempotent
list-twitter-mentions-for-cve

List Twitter mentions of a CVE

read-only idempotent
list-github-repositories-mentioning-cve

List GitHub repositories mentioning a CVE

read-only idempotent

Capability Spec

exploit-scoring.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Coalition Exploit Scoring System — Vulnerability Intelligence
  description: >-
    Coalition ESS capability covering 7 read-only operations against the public
    Coalition Exploit Scoring System API. Lead operation: List CVEs. Composes
    CVE search, single-CVE detail, ESS score history, ExploitDB and Metasploit
    exploit references, GitHub repository signals, and Twitter mention timelines
    into one self-contained vulnerability-intelligence capability.
  tags:
    - Coalition
    - Cybersecurity
    - Vulnerability
    - CVE
    - Threat Intelligence
  created: '2026-05-25'
  modified: '2026-05-25'
binds: []
capability:
  consumes:
    - type: http
      namespace: exploit-scoring
      baseUri: https://ess-api.coalitioninc.com
      description: >-
        Coalition Exploit Scoring System read API. No authentication required;
        all operations are HTTP GET against a public production endpoint.
      resources:
        - name: cve
          path: /cve
          operations:
            - name: listcves
              method: GET
              description: List CVEs
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: search
                  in: query
                  type: string
                  required: false
                - name: min_ess_score
                  in: query
                  type: number
                  required: false
                - name: max_ess_score
                  in: query
                  type: number
                  required: false
                - name: seen_on_cisa_kev
                  in: query
                  type: boolean
                  required: false
                - name: page
                  in: query
                  type: integer
                  required: false
                - name: page_size
                  in: query
                  type: integer
                  required: false
        - name: cve-detail
          path: /cve/{cve_id}
          operations:
            - name: getcve
              method: GET
              description: Get CVE
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: cve_id
                  in: path
                  type: string
                  required: true
        - name: cve-history
          path: /cve/{cve_id}/history
          operations:
            - name: getessHistory
              method: GET
              description: Get CVE ESS History
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: cve_id
                  in: path
                  type: string
                  required: true
        - name: cve-exploitdb
          path: /cve/{cve_id}/exploits/exploitdb
          operations:
            - name: listexploitdb
              method: GET
              description: List ExploitDB Exploits For CVE
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: cve_id
                  in: path
                  type: string
                  required: true
        - name: cve-metasploit
          path: /cve/{cve_id}/exploits/metasploit
          operations:
            - name: listmetasploit
              method: GET
              description: List Metasploit Modules For CVE
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: cve_id
                  in: path
                  type: string
                  required: true
        - name: cve-twitter
          path: /cve/{cve_id}/mentions/twitter
          operations:
            - name: listtwitter
              method: GET
              description: List Twitter Mentions For CVE
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: cve_id
                  in: path
                  type: string
                  required: true
        - name: cve-github
          path: /cve/{cve_id}/repositories/github
          operations:
            - name: listgithub
              method: GET
              description: List GitHub Repositories Mentioning CVE
              outputRawFormat: json
              outputParameters:
                - name: result
                  type: object
                  value: $.
              inputParameters:
                - name: cve_id
                  in: path
                  type: string
                  required: true
      authentication:
        type: none
  exposes:
    - type: rest
      namespace: exploit-scoring-rest
      port: 8080
      description: REST adapter for Coalition ESS. One resource per consumed operation, prefixed with /v1.
      resources:
        - path: /v1/cve
          name: cve
          operations:
            - method: GET
              name: listcves
              description: List CVEs
              call: exploit-scoring.listcves
              outputParameters:
                - type: object
                  mapping: $.
        - path: /v1/cve/{cve_id}
          name: cve-detail
          operations:
            - method: GET
              name: getcve
              description: Get CVE
              call: exploit-scoring.getcve
              outputParameters:
                - type: object
                  mapping: $.
        - path: /v1/cve/{cve_id}/history
          name: cve-history
          operations:
            - method: GET
              name: getessHistory
              description: Get CVE ESS History
              call: exploit-scoring.getessHistory
              outputParameters:
                - type: object
                  mapping: $.
        - path: /v1/cve/{cve_id}/exploits/exploitdb
          name: cve-exploitdb
          operations:
            - method: GET
              name: listexploitdb
              description: List ExploitDB Exploits For CVE
              call: exploit-scoring.listexploitdb
              outputParameters:
                - type: object
                  mapping: $.
        - path: /v1/cve/{cve_id}/exploits/metasploit
          name: cve-metasploit
          operations:
            - method: GET
              name: listmetasploit
              description: List Metasploit Modules For CVE
              call: exploit-scoring.listmetasploit
              outputParameters:
                - type: object
                  mapping: $.
        - path: /v1/cve/{cve_id}/mentions/twitter
          name: cve-twitter
          operations:
            - method: GET
              name: listtwitter
              description: List Twitter Mentions For CVE
              call: exploit-scoring.listtwitter
              outputParameters:
                - type: object
                  mapping: $.
        - path: /v1/cve/{cve_id}/repositories/github
          name: cve-github
          operations:
            - method: GET
              name: listgithub
              description: List GitHub Repositories Mentioning CVE
              call: exploit-scoring.listgithub
              outputParameters:
                - type: object
                  mapping: $.
    - type: mcp
      namespace: exploit-scoring-mcp
      port: 9090
      transport: http
      description: MCP adapter for Coalition ESS. One tool per consumed operation.
      tools:
        - name: list-cves
          description: List CVEs from Coalition Exploit Scoring System
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.listcves
          outputParameters:
            - type: object
              mapping: $.
        - name: get-cve
          description: Get a single CVE detail
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.getcve
          outputParameters:
            - type: object
              mapping: $.
        - name: get-cve-ess-history
          description: Get historical ESS score changes for a CVE
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.getessHistory
          outputParameters:
            - type: object
              mapping: $.
        - name: list-exploitdb-exploits-for-cve
          description: List ExploitDB exploits referencing a CVE
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.listexploitdb
          outputParameters:
            - type: object
              mapping: $.
        - name: list-metasploit-modules-for-cve
          description: List Metasploit modules referencing a CVE
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.listmetasploit
          outputParameters:
            - type: object
              mapping: $.
        - name: list-twitter-mentions-for-cve
          description: List Twitter mentions of a CVE
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.listtwitter
          outputParameters:
            - type: object
              mapping: $.
        - name: list-github-repositories-mentioning-cve
          description: List GitHub repositories mentioning a CVE
          hints:
            readOnly: true
            destructive: false
            idempotent: true
          call: exploit-scoring.listgithub
          outputParameters:
            - type: object
              mapping: $.