MITRE Recent CVEs
Fetch the latest CVEs directly from MITRE's CVE List V5 delta feed. MITRE publishes CVEs approximately 24 hours before they appear in NVD, making this endpoint ideal for early detection.
Endpoint
GET /api/v1/mitre/recentParameters
| Parameter | Type | Required | Description |
|---|---|---|---|
limit | number | No | Maximum CVEs to return (default: 50, max: 100) |
Response
json
{
"success": true,
"source": "mitre-cve-list-v5",
"fetchTime": "2026-02-06T02:10:25.863Z",
"summary": {
"total": 17959,
"new": 439,
"updated": 7415
},
"cves": [
{
"id": "CVE-2026-1974",
"state": "PUBLISHED",
"datePublished": "2026-02-06T02:02:10.925Z",
"dateUpdated": "2026-02-06T02:02:10.925Z",
"dateReserved": "2026-02-05T13:33:48.056Z",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"title": "Free5GC SMF datapath.go ResolveNodeIdToIp denial of service",
"description": "A vulnerability was identified in Free5GC up to 4.1.0...",
"severity": "medium",
"cvssScore": 5.3,
"cvssVersion": "3.1",
"cvssVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"affected": [
{
"vendor": "n/a",
"product": "Free5GC",
"versions": [
{ "version": "4.0", "status": "affected" },
{ "version": "4.1.0", "status": "affected" }
],
"cpes": []
}
],
"references": [
{
"url": "https://vuldb.com/?id.344496",
"name": "VDB-344496 | Free5GC SMF datapath.go ResolveNodeIdToIp denial of service",
"tags": ["vdb-entry", "technical-description"]
}
],
"problemTypes": [
{
"cweId": "CWE-404",
"description": "Denial of Service"
}
],
"source": "cve-list-v5"
}
],
"timestamp": "2026-02-06T03:05:43.663Z"
}Response Fields
Summary
| Field | Type | Description |
|---|---|---|
total | number | Total changes in MITRE's delta log |
new | number | Count of newly published CVEs |
updated | number | Count of updated CVEs |
CVE Object
| Field | Type | Description |
|---|---|---|
id | string | CVE identifier (e.g., CVE-2026-1974) |
state | string | CVE state (PUBLISHED, REJECTED, etc.) |
datePublished | string | ISO 8601 publication timestamp |
dateUpdated | string | ISO 8601 last update timestamp |
title | string | Short CVE title |
description | string | Full vulnerability description |
severity | string | Severity level (critical, high, medium, low, unknown) |
cvssScore | number | CVSS base score (0.0-10.0) |
cvssVersion | string | CVSS version (3.0 or 3.1) |
cvssVector | string | Full CVSS vector string |
affected | array | Affected products and versions |
references | array | Reference URLs |
problemTypes | array | CWE identifiers |
Example
bash
# Get 10 most recent CVEs
curl "https://api.vulnpatch.dev/api/v1/mitre/recent?limit=10"
# Get default (50) recent CVEs
curl "https://api.vulnpatch.dev/api/v1/mitre/recent"Code Examples
javascript
async function getRecentCVEs(limit = 20) {
const response = await fetch(
`https://api.vulnpatch.dev/api/v1/mitre/recent?limit=${limit}`
);
const data = await response.json();
console.log(`MITRE Delta: ${data.summary.new} new, ${data.summary.updated} updated`);
for (const cve of data.cves) {
console.log(`[${cve.severity}] ${cve.id}: ${cve.title}`);
}
return data.cves;
}
getRecentCVEs(10);python
import requests
def get_recent_cves(limit=20):
response = requests.get(
f"https://api.vulnpatch.dev/api/v1/mitre/recent?limit={limit}"
)
data = response.json()
print(f"MITRE Delta: {data['summary']['new']} new, {data['summary']['updated']} updated")
for cve in data['cves']:
print(f"[{cve['severity']}] {cve['id']}: {cve['title']}")
return data['cves']
get_recent_cves(10)Use Cases
- Early Warning: Get CVEs ~24 hours before they appear in NVD
- Security Monitoring: Track newly published vulnerabilities
- Threat Intelligence: Feed into security dashboards
- Automated Scanning: Check for new CVEs affecting your stack
Data Source
This endpoint fetches directly from MITRE's CVE List V5 repository, specifically the deltaLog.json file which contains recent changes.
The delta log is updated approximately hourly and contains:
- Newly published CVEs
- Updated CVE records
- Rejected CVEs
Caching
Results are cached for 5 minutes. The cron job syncs new CVEs every 30 minutes.
Related Endpoints
GET /api/v1/cve/:id- Lookup specific CVE by IDPOST /api/v1/cve/batch- Bulk CVE lookupGET /api/v1/search- Full-text CVE search