CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Open data

The CSIRTS.com database as downloadable files — free, no key, no rate games. Rebuilt from the live tables at most every 6 hours. Licensed CC BY 4.0: use it in research, dashboards or products, with a link back to csirts.com.

Exploitation dataset — 1,713 CVEs

Every CVE that is in the CISA KEV catalog (exploited in the wild) and/or has public exploit code in Exploit-DB, Metasploit, Nuclei templates or PoC-in-GitHub. This is the machine-readable form of the live Exploitation Gap report — filter has_exploit=true + kev=false to reproduce the gap list.

cve
CVE identifier
severity
critical / high / medium / low / unknown (from NVD CVSS)
cvss
CVSS base score, when scored
kev
true = in the CISA KEV catalog (exploited in the wild)
kev_date
date the CVE was added to KEV
has_exploit
true = public exploit or PoC code exists
exploit_sources
which datasets reference it: exploitdb, metasploit, nuclei, poc-github
published_at / modified_at
CVE record timestamps
csirts_url
consolidated CVE page on CSIRTS.com

Advisory index — 4,840 advisories

Every durable advisory we aggregate from national CERTs, CERT-EU and vendor PSIRTs (24 sources), one row per advisory. The NVD/GHSA firehose mirrors are excluded — this is the curated stream, including advisories machine-translated from German, French and Dutch that have no other English index.

num
stable CSIRTS advisory number
source_id
publishing feed (see /sources for ids)
external_id
the publisher’s own advisory id, when present
title
advisory title (machine-translated to English where needed)
severity / cvss
normalized severity and CVSS score
cves
CVE ids referenced by the advisory (| separated in CSV)
exploited
true = references a CISA-KEV CVE
has_exploit
true = references a CVE with public exploit code
published_at
publication timestamp
link / csirts_url
original advisory and the CSIRTS page

Format, cadence & license

JSON files carry a metadata envelope (dataset, license, generated_at, count, rows); CSV files are plain tables with a header row, arrays joined with |. Files regenerate from the live database at most every 6 hours; the database itself syncs all 24 sources every 3 hours. For queries instead of downloads, use the JSON API, OpenAPI spec or MCP server.

License: Creative Commons Attribution 4.0. Suggested citation: CSIRTS.com Open Data, https://www.csirts.com/data (retrieved YYYY-MM-DD). Advisory texts remain the property of their publishing organizations.