
Vulnerability Intelligence (VulnDB)

Infracast maintains a continuously-updated vulnerability intelligence database combining data from CISA KEV, FIRST EPSS, and NVD.

Data Sources

CISA Known Exploited Vulnerabilities (KEV)

The CISA KEV Catalog tracks vulnerabilities actively being exploited in the wild. As of April 2026, the catalog contains 1,556+ CVEs.

Infracast automatically:

  • Syncs the KEV catalog daily
  • Escalates any finding matching a KEV CVE to CRITICAL
  • Shows KEV due dates for federal compliance

FIRST EPSS

The Exploit Prediction Scoring System uses machine learning to predict which vulnerabilities are most likely to be exploited in the next 30 days.

  • Updated daily with 324,000+ CVE scores
  • EPSS score (0-1) indicates exploitation probability
  • EPSS percentile shows relative risk

NVD (National Vulnerability Database)

On-demand CVE lookups from NVD provide:

  • CVSS v3 scores and severity
  • Affected products (CPE)
  • Reference links
  • Full descriptions

API Endpoints

# Get CVE details (combines KEV + EPSS + NVD)
GET /api/v1/vulndb/cve/{cveId}

# Check if CVE is in KEV or has high EPSS
GET /api/v1/vulndb/check/{cveId}

# Get full KEV list
GET /api/v1/vulndb/kev

# Get VulnDB statistics
GET /api/v1/vulndb/stats

# Trigger manual sync (admin only)
POST /api/v1/vulndb/sync

Example Response

GET /api/v1/vulndb/cve/CVE-2021-44228

{
  "cve_id": "CVE-2021-44228",
  "description": "Apache Log4j2 JNDI features...",
  "cvss_v3_score": 10.0,
  "cvss_v3_severity": "CRITICAL",
  "is_kev": true,
  "kev_date_added": "2021-12-10",
  "kev_due_date": "2021-12-24",
  "epss_score": 0.975,
  "epss_percentile": 0.999,
  "vendor_project": "Apache",
  "product_name": "Log4j2",
  "references": ["..."]
}
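One way a client could triage records shaped like the response above, applying the KEV escalation rule described under Data Sources. This is an added example, not Infracast's code. The 0.5 "high EPSS" cutoff, the function names, and the CVE-0000-* placeholder records are assumptions.

```python
import json
from datetime import date

# Assumption: the page does not define "high EPSS"; 0.5 is a hypothetical cutoff.
HIGH_EPSS = 0.5
RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "NONE": 4}

# Constructed sample records shaped like the example response. The first reuses
# the page's values; the CVE-0000-* entries are placeholders, not real CVEs.
SAMPLE = json.loads("""[
 {"cve_id": "CVE-2021-44228", "cvss_v3_severity": "CRITICAL", "is_kev": true,
  "kev_due_date": "2021-12-24", "epss_score": 0.975},
 {"cve_id": "CVE-0000-0001", "cvss_v3_severity": "MEDIUM", "is_kev": true,
  "kev_due_date": "2022-01-15", "epss_score": 0.04},
 {"cve_id": "CVE-0000-0002", "cvss_v3_severity": "HIGH", "is_kev": false,
  "kev_due_date": null, "epss_score": 0.62},
 {"cve_id": "CVE-0000-0003", "cvss_v3_severity": "LOW", "is_kev": false,
  "kev_due_date": null, "epss_score": null}
]""")


def triage(record, today):
    """Effective severity, reasons, and days until the KEV due date for one record."""
    severity = record.get("cvss_v3_severity") or "NONE"
    reasons, days_left = [], None
    if record.get("is_kev"):
        severity = "CRITICAL"  # a KEV match overrides the CVSS severity
        reasons.append("kev")
        if record.get("kev_due_date"):
            days_left = (date.fromisoformat(record["kev_due_date"]) - today).days
            if days_left < 0:
                reasons.append("kev_overdue")
    epss = record.get("epss_score")  # a missing or null score is treated as unscored
    if epss is not None and epss >= HIGH_EPSS:
        reasons.append("high_epss")
    return {"cve_id": record["cve_id"], "severity": severity, "epss": epss,
            "reasons": reasons, "days_to_kev_due": days_left}


def prioritize(records, today):
    """Sort by effective severity, then by EPSS score descending."""
    rows = [triage(r, today) for r in records]
    return sorted(rows, key=lambda r: (RANK.get(r["severity"], 4), -(r["epss"] or 0.0)))


if __name__ == "__main__":
    for row in prioritize(SAMPLE, date(2021, 12, 20)):
        print(row)
```

The MEDIUM-rated placeholder that is in KEV sorts ahead of the HIGH-rated one that is not, which is the effect of the escalation rule.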

Content Packs

VulnDB data is delivered via signed and encrypted content packs that can be:

  • Pulled from CDN automatically (every 6 hours)
  • Pushed via API for managed instances
  • Imported offline for air-gapped deployments

See Content Packs for details.

Availability

VulnDB is available on all tiers. Premium tiers get additional threat intelligence integration.

Tier          Features
Free          KEV, EPSS, NVD lookups
Pro           + Priority CVE alerts
Business      + Custom CVE watchlists
Enterprise+   + Threat intel feeds