Free security feeds and API: no login required

Machine-readable Microsoft patch data, actively exploited CVEs, and the Patch Tuesday calendar, free to pull into your RSS reader, SIEM, scripts, or spreadsheets. No account, no API key, no rate-limit gymnastics: these are static files rebuilt from the public sources several times a day and served from a CDN.

Senserva is a Microsoft Intelligent Security Association member

The feeds

Microsoft patches RSS

Every Microsoft security update (KB) as it ships, ranked by risk: actively exploited (CISA KEV) first, then EPSS exploit probability and CVSS. Each item links to a full KB detail page with the CVE list and affected products.

The 60 newest updates. Refreshed several times a day.
Non-Microsoft KEV RSS

Actively exploited vulnerabilities across every non-Microsoft vendor, straight from the CISA Known Exploited Vulnerabilities catalog, with EPSS scores and ransomware flags. The fastest way to hear that something in your third-party stack is under attack.

The 60 newest KEV additions. Refreshed several times a day.
Patch Tuesday RSS

One item per monthly Microsoft release: update count, CVEs fixed, how many are actively exploited, and a link to the full ranked breakdown. Subscribe once and never miss a release summary.

One item per month. Published on Patch Tuesday.
Microsoft patches JSON API

The full machine-readable catalog: hundreds of updates back through two years, each with KB number, release date, Severity, CVSS, EPSS, CISA KEV and ransomware flags, the complete CVE list, and affected products. One GET, no auth.

Full catalog in one file. Refreshed several times a day.
Patch Tuesday calendar (.ics)

The next twelve Patch Tuesdays as a standard calendar subscription for Outlook, Google Calendar, or Apple Calendar. Each entry links back to the live release page.

Rolling 12 months ahead.

Quick start with the JSON API

The API is a single static JSON document: generated (build date), source, count, and a patches array. Filter it with anything that reads JSON.

curl + jq: actively exploited updates from the latest release
curl -s https://senserva.com/api/microsoft-patches.json |
  jq '[.patches[] | select(.kev)] | sort_by(-.epss) | .[:10] | .[] | {kb, date, severity, epss, kev_cves}'
PowerShell: ransomware-linked updates you may be missing
$p = (Invoke-RestMethod https://senserva.com/api/microsoft-patches.json).patches
$p | Where-Object ransom | Sort-Object epss -Descending |
  Select-Object kb, date, severity, cvss, epss -First 10

Fields on each patch

kbKB number (string, no KB prefix). Detail page at /kb/<kb>.html.
dateRelease date, ISO 8601 (YYYY-MM-DD).
severityHighest Severity across the update's CVEs: Critical, High, Medium, or Low.
cvssHighest CVSS v3 base score across the update's CVEs.
epssHighest EPSS exploit probability (0 to 1) across the update's CVEs, from FIRST.org.
kevtrue when at least one CVE is in the CISA Known Exploited Vulnerabilities catalog; those CVEs are listed in kev_cves.
ransomtrue when a CVE is linked to known ransomware campaigns; listed in ransom_cves.
cves, countAll CVEs the update fixes, and how many. Each has a detail page at /cve/<id>.html.
productsAffected Microsoft products.

Fair use and sources

The feeds and API are free for personal and commercial use, no login and no key. If you publish something built on them, a link back to the tracker hub is appreciated. What they re-serve is limited to sources that are free to redistribute: Microsoft MSRC for the KB-to-CVE mapping and the CISA Known Exploited Vulnerabilities catalog (United States government work). Rankings and risk roll-ups are Senserva's own.

Sources you need to pull direct

We do not re-feed sources that require an API key or carry attribution terms. If you need these datasets, go to the provider:

  • FIRST.org EPSS: the authoritative exploit-probability scores. The EPSS values in our API are convenience copies used for ranking; FIRST.org asks to be cited whenever its scores are reused, and that obligation travels with the numbers.
  • NIST NVD: the authoritative CVSS data. Cite NVD if you republish CVSS values.
  • VulnCheck KEV: requires free registration and an API key. Never re-served here.
  • ENISA EU Vulnerability Database: shown on our pages with credit, never re-served here.

Want the same ranking applied to your own estate, which of these updates are actually missing on your devices? That is Senserva.

Feeds and API FAQ

Is there a free RSS feed for Microsoft patches?

Yes. https://senserva.com/feed/microsoft-patches.xml lists every Microsoft security update as it ships, ranked by real-world risk, with no login or key required.

Is there a free JSON API for Microsoft patch data?

Yes. https://senserva.com/api/microsoft-patches.json returns the full catalog with Severity, CVSS, EPSS, CISA KEV and ransomware flags, CVE lists, and affected products. It is a static file, so it is fast and has no auth or rate limits.

How often is the data refreshed?

Several times a day. The build pulls Microsoft MSRC, CISA KEV, FIRST.org EPSS, and NVD / CIRCL, re-ranks everything, and republishes the feeds, the API, and every KB and CVE detail page.

Can I get alerts for non-Microsoft vulnerabilities under attack?

Yes. https://senserva.com/feed/non-ms-kev.xml carries every new CISA KEV entry for non-Microsoft vendors, with EPSS scores and ransomware flags, usually within hours of CISA publishing it.

Data notice: the trackers, feeds, and API are provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data and accepts no liability for actions taken based on it; verify against the primary source before acting. All use of this data is subject to the Senserva EULA.