The feeds
Every Microsoft security update (KB) as it ships, ranked by risk: actively exploited (CISA KEV) first, then EPSS exploit probability and CVSS. Each item links to a full KB detail page with the CVE list and affected products.
Actively exploited vulnerabilities across every non-Microsoft vendor, straight from the CISA Known Exploited Vulnerabilities catalog, with EPSS scores and ransomware flags. The fastest way to hear that something in your third-party stack is under attack.
One item per monthly Microsoft release: update count, CVEs fixed, how many are actively exploited, and a link to the full ranked breakdown. Subscribe once and never miss a release summary.
The full machine-readable catalog: hundreds of updates back through two years, each with KB number, release date, Severity, CVSS, EPSS, CISA KEV and ransomware flags, the complete CVE list, and affected products. One GET, no auth.
The next twelve Patch Tuesdays as a standard calendar subscription for Outlook, Google Calendar, or Apple Calendar. Each entry links back to the live release page.
Quick start with the JSON API
The API is a single static JSON document: generated (build date), source, count, and a patches array. Filter it with anything that reads JSON.
curl -s https://senserva.com/api/microsoft-patches.json |
jq '[.patches[] | select(.kev)] | sort_by(-.epss) | .[:10] | .[] | {kb, date, severity, epss, kev_cves}'
$p = (Invoke-RestMethod https://senserva.com/api/microsoft-patches.json).patches $p | Where-Object ransom | Sort-Object epss -Descending | Select-Object kb, date, severity, cvss, epss -First 10
Fields on each patch
kb | KB number (string, no KB prefix). Detail page at /kb/<kb>.html. |
date | Release date, ISO 8601 (YYYY-MM-DD). |
severity | Highest Severity across the update's CVEs: Critical, High, Medium, or Low. |
cvss | Highest CVSS v3 base score across the update's CVEs. |
epss | Highest EPSS exploit probability (0 to 1) across the update's CVEs, from FIRST.org. |
kev | true when at least one CVE is in the CISA Known Exploited Vulnerabilities catalog; those CVEs are listed in kev_cves. |
ransom | true when a CVE is linked to known ransomware campaigns; listed in ransom_cves. |
cves, count | All CVEs the update fixes, and how many. Each has a detail page at /cve/<id>.html. |
products | Affected Microsoft products. |
Fair use and sources
The feeds and API are free for personal and commercial use, no login and no key. If you publish something built on them, a link back to the tracker hub is appreciated. What they re-serve is limited to sources that are free to redistribute: Microsoft MSRC for the KB-to-CVE mapping and the CISA Known Exploited Vulnerabilities catalog (United States government work). Rankings and risk roll-ups are Senserva's own.
We do not re-feed sources that require an API key or carry attribution terms. If you need these datasets, go to the provider:
- FIRST.org EPSS: the authoritative exploit-probability scores. The EPSS values in our API are convenience copies used for ranking; FIRST.org asks to be cited whenever its scores are reused, and that obligation travels with the numbers.
- NIST NVD: the authoritative CVSS data. Cite NVD if you republish CVSS values.
- VulnCheck KEV: requires free registration and an API key. Never re-served here.
- ENISA EU Vulnerability Database: shown on our pages with credit, never re-served here.
Want the same ranking applied to your own estate, which of these updates are actually missing on your devices? That is Senserva.
Feeds and API FAQ
Is there a free RSS feed for Microsoft patches?
Yes. https://senserva.com/feed/microsoft-patches.xml lists every Microsoft security update as it ships, ranked by real-world risk, with no login or key required.
Is there a free JSON API for Microsoft patch data?
Yes. https://senserva.com/api/microsoft-patches.json returns the full catalog with Severity, CVSS, EPSS, CISA KEV and ransomware flags, CVE lists, and affected products. It is a static file, so it is fast and has no auth or rate limits.
How often is the data refreshed?
Several times a day. The build pulls Microsoft MSRC, CISA KEV, FIRST.org EPSS, and NVD / CIRCL, re-ranks everything, and republishes the feeds, the API, and every KB and CVE detail page.
Can I get alerts for non-Microsoft vulnerabilities under attack?
Yes. https://senserva.com/feed/non-ms-kev.xml carries every new CISA KEV entry for non-Microsoft vendors, with EPSS scores and ransomware flags, usually within hours of CISA publishing it.