security.cve
Look up a CVE by id (e.g. CVE-2021-44228) across three authoritative vulnerability feeds in one call. Query: cve (CVE-YYYY-NNNN). Returns the canonical record — description, CVSS base score + severity + vector, CWE weakness ids, published/modified dates, reference links — plus whether it is on the US CISA Known Exploited Vulnerabilities catalog (with remediation due date and known-ransomware flag) and its EPSS exploit-probability score and percentile. The exploited and EPSS sections report independently, so one feed being unavailable does not fail the call. 404 if the CVE id is unknown. For triage, prioritization, and anti-hallucination on vulnerability claims.
price
$0.0018 USDC per call
method
GET /api/security/cve
payment
x402 v2 · USDC on Base (EIP-3009) or Solana (SPL transfer)
auth
None. Sign the payment, retry with PAYMENT-SIGNATURE.
tier
Tier 0 — no paid upstream
Parameters
| Name | Type | Description |
|---|---|---|
| cve (required) | string | CVE identifier in the form CVE-YYYY-NNNN (e.g. CVE-2021-44228). min 6 chars · max 40 chars |
Code samples
cURL

```bash
# 1. Probe with no auth → 402 envelope with PaymentRequirements
curl -sS 'https://2s.io/api/security/cve?cve=xxxxxx'

# 2. Sign + retry with PAYMENT-SIGNATURE:
curl -sS 'https://2s.io/api/security/cve?cve=xxxxxx' \
  -H 'PAYMENT-SIGNATURE: <base64-json-payload>'

# Or use the canonical runner (handles probe → sign → retry):
# EVM_PRIVATE_KEY=0x... node --env-file=.env.local \
#   --experimental-strip-types scripts/x402-pay.ts \
#   'https://2s.io/api/security/cve?cve=xxxxxx'
```
TypeScript / Node — @2sio/sdk

```typescript
import { TwoS } from '@2sio/sdk'

const client = new TwoS({
  privateKey: process.env.EVM_PRIVATE_KEY as `0x${string}`,
})

const result = await client.security.cve({
  "cve": "xxxxxx"
})

console.log('endpoint:', result.endpoint)
console.log('cost:', result.costUsd, 'USDC')
console.log('tx:', result.settlement?.txHash)
console.log('data:', result.data)
```

Python — 2sio

```python
import os
from twosio import TwoS

client = TwoS(private_key=os.environ["EVM_PRIVATE_KEY"])
result = client.security.cve(cve="xxxxxx")

print("endpoint:", result.endpoint)
print("cost:", result.cost_usd, "USDC")
print("tx:", (result.settlement or {}).get("tx_hash"))
print("data:", result.data)
```

MCP — Claude Desktop / AgentKit / any MCP host

```json
// 1. Add @2sio/mcp to your MCP host config (Claude Desktop example below).
//    EVM_PRIVATE_KEY funds x402 payments per call.
// claude_desktop_config.json
{
  "mcpServers": {
    "2sio": {
      "command": "npx",
      "args": ["-y", "@2sio/mcp"],
      "env": { "EVM_PRIVATE_KEY": "0x..." }
    }
  }
}

// 2. Once the server is running, agents call this tool via standard MCP:
{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "security.cve",
    "arguments": {
      "cve": "xxxxxx"
    }
  }
}
```

Response
| Field | Type | Description |
|---|---|---|
| cve | string | |
| published | string | |
| lastModified | string | |
| vulnStatus | string | |
| description | string | |
| cvss | object | |
| cwes | array | |
| references | array | |
| knownExploited | object | |
| knownExploitedError | string | |
| epss | object | |
| epssError | string | |
| sources | array | |
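
Because the exploited and EPSS sections report independently, a consumer has to check `knownExploitedError` and `epssError` before reading `knownExploited` or `epss`, otherwise a feed outage reads as "not exploited". The following triage function is an added example, not code from the 2s.io SDK or docs; the inner field names (`listed`, `score`, `baseScore`), the thresholds and the sample records are assumptions, since the page documents only the top-level fields.

```python
import re

# CVE-YYYY-NNNN; the sequence part is four or more digits.
CVE_ID = re.compile(r"^CVE-\d{4}-\d{4,}$")

def feed(record, key):
    """Return (available, payload). A non-empty <key>Error string means the
    feed could not be consulted, which is not the same as 'no entry'."""
    if record.get(key + "Error"):
        return False, {}
    return True, record.get(key) or {}

def triage(record):
    """Map one security.cve response to (priority, unavailable_feeds)."""
    if not CVE_ID.match(record.get("cve") or ""):
        raise ValueError("response does not carry a well-formed CVE id")
    kev_ok, kev = feed(record, "knownExploited")
    epss_ok, epss = feed(record, "epss")
    gaps = [k for k, ok in (("knownExploited", kev_ok), ("epss", epss_ok)) if not ok]
    # Assumed inner fields: knownExploited.listed, epss.score, cvss.baseScore.
    base = (record.get("cvss") or {}).get("baseScore") or 0.0
    if kev.get("listed"):
        return "urgent", gaps
    if (epss.get("score") or 0.0) >= 0.10 or base >= 9.0:  # assumed thresholds
        return "high", gaps
    # A missing feed cannot rule out exploitation, so never downgrade on it.
    return ("recheck" if gaps else "routine"), gaps

# Constructed sample responses (not real records).
LISTED = {"cve": "CVE-2099-0001", "cvss": {"baseScore": 7.5},
          "knownExploited": {"listed": True}, "epss": {"score": 0.40}}
KEV_DOWN = {"cve": "CVE-2099-0002", "cvss": {"baseScore": 5.3},
            "knownExploited": {}, "knownExploitedError": "upstream timeout",
            "epss": {"score": 0.02}}
QUIET = {"cve": "CVE-2099-0003", "cvss": {"baseScore": 5.3},
         "knownExploited": {"listed": False}, "epss": {"score": 0.02}}

if __name__ == "__main__":
    for r in (LISTED, KEV_DOWN, QUIET):
        print(r["cve"], triage(r))
```
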
Example response data

```json
{
  "cve": "example",
  "published": "example",
  "lastModified": "example",
  "vulnStatus": "example",
  "description": "example",
  "cvss": {},
  "cwes": [
    "example"
  ],
  "references": [
    {}
  ],
  "knownExploited": {},
  "knownExploitedError": "example",
  "epss": {},
  "epssError": "example",
  "sources": [
    {}
  ]
}
```

Discovery
- /api/directory — full catalog of every endpoint
- /openapi.json — OpenAPI 3.1 spec (per-op x-payment-info, x402Payment security)
- /.well-known/x402 — machine-readable service descriptor for x402-aware crawlers
- /.well-known/mcp/server-card.json — MCP SEP-1649 server card
- /llms.txt — plain-text manifest for LLM ingestion
2s.io is x402-native. Every call is paid per-request from a USDC-funded EVM wallet on Base — no signup, no API keys, no monthly fees. Source code: github.com/2s-io/sdk.