NIST NVD CVE API
NIST NVD CVE API. 2 operations. Lead operation: Retrieve CVE change history. Self-contained Naftiko capability covering one Nist business surface.
What You Can Do
GET
Getcvehistory
— Retrieve CVE change history
/v1/cvehistory/2-0
GET
Getcves
— Search CVE records
/v1/cves/2-0
MCP Tools
retrieve-cve-change-history
Retrieve CVE change history
read-only
idempotent
search-cve-records
Search CVE records
read-only
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: NIST NVD CVE API
description: 'NIST NVD CVE API. 2 operations. Lead operation: Retrieve CVE change history. Self-contained Naftiko capability
covering one Nist business surface.'
tags:
- Nist
- NIST NVD CVE API
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
NIST_API_KEY: NIST_API_KEY
capability:
consumes:
- type: http
namespace: nvd-cve
baseUri: https://services.nvd.nist.gov/rest/json
description: NIST NVD CVE API business capability. Self-contained, no shared references.
resources:
- name: cvehistory-2.0
path: /cvehistory/2.0
operations:
- name: getcvehistory
method: GET
description: Retrieve CVE change history
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: cveId
in: query
type: string
description: Returns the change history for a single CVE.
- name: changeStartDate
in: query
type: string
description: Filter changes that occurred on or after this date (ISO 8601).
- name: changeEndDate
in: query
type: string
description: Filter changes that occurred on or before this date (ISO 8601).
- name: resultsPerPage
in: query
type: integer
description: Number of change records to return per page (max 5000).
- name: startIndex
in: query
type: integer
description: Zero-based offset into the result set.
- name: cves-2.0
path: /cves/2.0
operations:
- name: getcves
method: GET
description: Search CVE records
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: cveId
in: query
type: string
description: Returns a single CVE record by its CVE identifier.
- name: cpeName
in: query
type: string
description: Returns CVE records associated with the supplied CPE 2.3 name.
- name: cvssV3Severity
in: query
type: string
description: Filter results by CVSS v3 qualitative severity rating.
- name: keywordSearch
in: query
type: string
description: Returns CVE records where the description contains the keyword.
- name: pubStartDate
in: query
type: string
description: Filter by CVE publish start date (ISO 8601).
- name: pubEndDate
in: query
type: string
description: Filter by CVE publish end date (ISO 8601).
- name: lastModStartDate
in: query
type: string
description: Filter by last modified start date (ISO 8601).
- name: lastModEndDate
in: query
type: string
description: Filter by last modified end date (ISO 8601).
- name: resultsPerPage
in: query
type: integer
description: Number of CVE records to return per page (max 2000).
- name: startIndex
in: query
type: integer
description: Zero-based offset into the result set.
authentication:
type: apikey
key: apiKey
value: '{{env.NIST_API_KEY}}'
placement: header
exposes:
- type: rest
namespace: nvd-cve-rest
port: 8080
description: REST adapter for NIST NVD CVE API. One Spectral-compliant resource per consumed operation, prefixed with
/v1.
resources:
- path: /v1/cvehistory/2-0
name: cvehistory-2-0
description: REST surface for cvehistory-2.0.
operations:
- method: GET
name: getcvehistory
description: Retrieve CVE change history
call: nvd-cve.getcvehistory
with:
cveId: rest.cveId
changeStartDate: rest.changeStartDate
changeEndDate: rest.changeEndDate
resultsPerPage: rest.resultsPerPage
startIndex: rest.startIndex
outputParameters:
- type: object
mapping: $.
- path: /v1/cves/2-0
name: cves-2-0
description: REST surface for cves-2.0.
operations:
- method: GET
name: getcves
description: Search CVE records
call: nvd-cve.getcves
with:
cveId: rest.cveId
cpeName: rest.cpeName
cvssV3Severity: rest.cvssV3Severity
keywordSearch: rest.keywordSearch
pubStartDate: rest.pubStartDate
pubEndDate: rest.pubEndDate
lastModStartDate: rest.lastModStartDate
lastModEndDate: rest.lastModEndDate
resultsPerPage: rest.resultsPerPage
startIndex: rest.startIndex
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: nvd-cve-mcp
port: 9090
transport: http
description: MCP adapter for NIST NVD CVE API. One tool per consumed operation, routed inline through this capability's
consumes block.
tools:
- name: retrieve-cve-change-history
description: Retrieve CVE change history
hints:
readOnly: true
destructive: false
idempotent: true
call: nvd-cve.getcvehistory
with:
cveId: tools.cveId
changeStartDate: tools.changeStartDate
changeEndDate: tools.changeEndDate
resultsPerPage: tools.resultsPerPage
startIndex: tools.startIndex
outputParameters:
- type: object
mapping: $.
- name: search-cve-records
description: Search CVE records
hints:
readOnly: true
destructive: false
idempotent: true
call: nvd-cve.getcves
with:
cveId: tools.cveId
cpeName: tools.cpeName
cvssV3Severity: tools.cvssV3Severity
keywordSearch: tools.keywordSearch
pubStartDate: tools.pubStartDate
pubEndDate: tools.pubEndDate
lastModStartDate: tools.lastModStartDate
lastModEndDate: tools.lastModEndDate
resultsPerPage: tools.resultsPerPage
startIndex: tools.startIndex
outputParameters:
- type: object
mapping: $.