跟踪 CVE 详情和历史记录从 NVD 并同步到 Google Sheets
中级
这是一个AI, SecOps领域的自动化工作流,包含 13 个节点。主要使用 Code, Webhook, HttpRequest, GoogleSheets 等节点,结合人工智能技术实现智能自动化。 使用 NVD API 和 Google Sheets 跟踪 CVE 漏洞详情与历史记录
前置要求
- •HTTP Webhook 端点(n8n 会自动生成)
- •可能需要目标 API 的认证凭证
- •Google Sheets API 凭证
工作流预览
可视化展示节点连接关系,支持缩放和平移
导出工作流
复制以下 JSON 配置到 n8n 导入,即可使用此工作流
{
"id": "YEh1XUHtAwWFvB7z",
"meta": {
"instanceId": "c62c01f3e843893075a10f252ec7d6d69e5ab593af019f50055d506cb3081b99",
"templateCredsSetupCompleted": true
},
"name": "跟踪 CVE 详情和历史记录从 NVD 并同步到 Google Sheets",
"tags": [
{
"id": "XuoVybTXeUXuim6G",
"name": "✅ Live",
"createdAt": "2025-06-08T07:59:43.586Z",
"updatedAt": "2025-06-08T07:59:43.586Z"
},
{
"id": "MbPHhZHgb39Syuoa",
"name": "🔐 SecOps",
"createdAt": "2025-04-20T05:18:20.689Z",
"updatedAt": "2025-06-08T08:01:56.494Z"
}
],
"nodes": [
{
"id": "b8e39932-0733-465a-a784-469d36374754",
"name": "Webhook:获取 CVE 详情",
"type": "n8n-nodes-base.webhook",
"position": [
-260,
-160
],
"webhookId": "3a3e9d6c-fbbf-482c-a6e9-88cdd79d404a",
"parameters": {
"path": "3a3e9d6c-fbbf-482c-a6e9-88cdd79d404a",
"options": {}
},
"typeVersion": 2
},
{
"id": "844af868-d326-4d73-85b8-00de22f2e5ca",
"name": "从 NVD API 获取 CVE",
"type": "n8n-nodes-base.httpRequest",
"position": [
-40,
-160
],
"parameters": {
"url": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"options": {},
"sendQuery": true,
"authentication": "genericCredentialType",
"genericAuthType": "httpHeaderAuth",
"queryParameters": {
"parameters": [
{
"name": "cveId",
"value": "={{ $json.query.cveId }}"
}
]
}
},
"credentials": {
"httpBasicAuth": {
"id": "pmJaCcMGEkPDYowB",
"name": "Basic Auth Webhook credential"
},
"httpHeaderAuth": {
"id": "mHJL7L4nhoBAK9S8",
"name": "NVD Header Auth account"
}
},
"typeVersion": 4.2
},
{
"id": "3ab38c76-33df-44a1-987b-0f668028c4f7",
"name": "解析 CVE JSON → 扁平格式",
"type": "n8n-nodes-base.code",
"position": [
180,
-160
],
"parameters": {
"jsCode": "const results = [];\n\nfor (const item of items) {\n const vulnerabilities = item.json.vulnerabilities || [];\n\n for (const vuln of vulnerabilities) {\n const cve = vuln.cve || {};\n\n const cvss = cve.metrics?.cvssMetricV31?.[0];\n const cvssData = cvss?.cvssData || {};\n\n results.push({\n json: {\n CVE_ID: cve.id || '',\n Source_Identifier: cve.sourceIdentifier || '',\n Published: cve.published || '',\n Last_Modified: cve.lastModified || '',\n Vuln_Status: cve.vulnStatus || '',\n CVE_Tags: (cve.cveTags || []).join(';'),\n\n Description: (cve.descriptions || []).find(d => d.lang === 'en')?.value || '',\n\n CVSS_Version: cvssData.version || '',\n Vector_String: cvssData.vectorString || '',\n Base_Severity: cvssData.baseSeverity || '',\n Base_Score: cvssData.baseScore || '',\n Attack_Vector: cvssData.attackVector || '',\n Attack_Complexity: cvssData.attackComplexity || '',\n Privileges_Required: cvssData.privilegesRequired || '',\n User_Interaction: cvssData.userInteraction || '',\n Scope: cvssData.scope || '',\n Confidentiality_Impact: cvssData.confidentialityImpact || '',\n Integrity_Impact: cvssData.integrityImpact || '',\n Availability_Impact: cvssData.availabilityImpact || '',\n Exploitability_Score: cvss?.exploitabilityScore || '',\n Impact_Score: cvss?.impactScore || '',\n\n CWE_ID: cve.weaknesses?.[0]?.description?.[0]?.value || '',\n Reference_URL: cve.references?.[0]?.url || ''\n }\n });\n }\n}\n\nreturn results;"
},
"typeVersion": 2
},
{
"id": "f96c4bcb-b24e-4e19-9c59-6ed733d0f98b",
"name": "将 CVE 元数据记录到表格",
"type": "n8n-nodes-base.googleSheets",
"position": [
400,
-160
],
"parameters": {
"columns": {
"value": {},
"schema": [
{
"id": "CVE_ID",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "CVE_ID",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Raw_CVE_Data",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Raw_CVE_Data",
"defaultMatch": false,
"canBeUsedToMatch": true
}
],
"mappingMode": "autoMapInputData",
"matchingColumns": [],
"attemptToConvertTypes": false,
"convertFieldsToString": false
},
"options": {},
"operation": "append",
"sheetName": {
"__rl": true,
"mode": "list",
"value": "gid=0",
"cachedResultUrl": "https://docs.google.com/spreadsheets/d/abc1234567890/edit#gid=0",
"cachedResultName": "CVE Lookup"
},
"documentId": {
"__rl": true,
"mode": "list",
"value": "abc1234567890",
"cachedResultUrl": "https://docs.google.com/spreadsheets/d/abc1234567890/edit?usp=drivesdk",
"cachedResultName": "NVD Database"
}
},
"credentials": {
"googleSheetsOAuth2Api": {
"id": "W8E4vruWIsUhkTII",
"name": "Google Sheets account [abc@mail.com]"
}
},
"typeVersion": 4.6
},
{
"id": "11bb7c7e-c7e8-4d1f-98c9-c36d59b9b928",
"name": "Webhook:获取 CVE 变更历史",
"type": "n8n-nodes-base.webhook",
"position": [
-260,
260
],
"webhookId": "587c86f4-4a3a-4765-b486-4bed8a0ccad3",
"parameters": {
"path": "587c86f4-4a3a-4765-b486-4bed8a0ccad3",
"options": {}
},
"typeVersion": 2
},
{
"id": "ac9e845b-4905-43d1-971b-9c93c3ef8f9e",
"name": "从 NVD API 获取 CVE 历史记录",
"type": "n8n-nodes-base.httpRequest",
"position": [
-40,
260
],
"parameters": {
"url": "https://services.nvd.nist.gov/rest/json/cvehistory/2.0",
"options": {},
"sendQuery": true,
"authentication": "genericCredentialType",
"genericAuthType": "httpHeaderAuth",
"queryParameters": {
"parameters": [
{
"name": "cveId",
"value": "={{ $json.query.cveId }}"
}
]
}
},
"credentials": {
"httpBasicAuth": {
"id": "pmJaCcMGEkPDYowB",
"name": "Basic Auth Webhook credential"
},
"httpHeaderAuth": {
"id": "mHJL7L4nhoBAK9S8",
"name": "NVD Header Auth account"
}
},
"typeVersion": 4.2
},
{
"id": "8a78a501-352d-4e4a-9ff1-3752e7723d65",
"name": "解析 CVE 历史记录 JSON → 扁平格式",
"type": "n8n-nodes-base.code",
"position": [
180,
260
],
"parameters": {
"jsCode": "const results = [];\n\nfor (const item of items) {\n const cveChanges = item.json.cveChanges || [];\n\n for (const changeEntry of cveChanges) {\n const change = changeEntry.change || {};\n\n const cveId = change.cveId || '';\n const changeId = change.cveChangeId || '';\n const event = change.eventName || '';\n const source = change.sourceIdentifier || '';\n const created = change.created || '';\n\n const details = change.details || [];\n\n // If there are details, extract each detail into its own row\n if (details.length > 0) {\n for (const detail of details) {\n results.push({\n json: {\n CVE_ID: cveId,\n Change_ID: changeId,\n Event: event,\n Source: source,\n Timestamp: created,\n Action: detail.action || '',\n Type: detail.type || '',\n Old_Value: detail.oldValue || '',\n New_Value: detail.newValue || ''\n }\n });\n }\n } else {\n // If no details present, still add the change entry\n results.push({\n json: {\n CVE_ID: cveId,\n Change_ID: changeId,\n Event: event,\n Source: source,\n Timestamp: created,\n Action: '',\n Type: '',\n Old_Value: '',\n New_Value: ''\n }\n });\n }\n }\n}\n\nreturn results;"
},
"typeVersion": 2
},
{
"id": "885c9eae-cab8-40ba-8eac-2e920370651f",
"name": "将 CVE 历史记录记录到表格",
"type": "n8n-nodes-base.googleSheets",
"position": [
400,
260
],
"parameters": {
"columns": {
"value": {},
"schema": [
{
"id": "CVE_ID",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "CVE_ID",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Change_ID",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Change_ID",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Event",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Event",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Source",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Source",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Timestamp",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Timestamp",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Action",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Action",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Type",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Type",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "Old_Value",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "Old_Value",
"defaultMatch": false,
"canBeUsedToMatch": true
},
{
"id": "New_Value",
"type": "string",
"display": true,
"removed": false,
"required": false,
"displayName": "New_Value",
"defaultMatch": false,
"canBeUsedToMatch": true
}
],
"mappingMode": "autoMapInputData",
"matchingColumns": [],
"attemptToConvertTypes": false,
"convertFieldsToString": false
},
"options": {},
"operation": "append",
"sheetName": {
"__rl": true,
"mode": "list",
"value": 185619006,
"cachedResultUrl": "https://docs.google.com/spreadsheets/d/abc1234567890/edit#gid=185619006",
"cachedResultName": "CVE History"
},
"documentId": {
"__rl": true,
"mode": "list",
"value": "abc1234567890",
"cachedResultUrl": "https://docs.google.com/spreadsheets/d/abc1234567890/edit?usp=drivesdk",
"cachedResultName": "NVD Database"
}
},
"credentials": {
"googleSheetsOAuth2Api": {
"id": "W8E4vruWIsUhkTII",
"name": "Google Sheets account [abc@mail.com]"
}
},
"typeVersion": 4.6
},
{
"id": "8d8f4db1-f5fd-499c-ace5-eec99ecb6b9e",
"name": "便签2",
"type": "n8n-nodes-base.stickyNote",
"position": [
-380,
-340
],
"parameters": {
"width": 1000,
"height": 360,
"content": "## 🔍 从 NVD 查找 CVE 漏洞元数据并同步到 Google 表格"
},
"typeVersion": 1
},
{
"id": "854a2420-e22f-4630-8b97-bd1e8f484158",
"name": "便签3",
"type": "n8n-nodes-base.stickyNote",
"position": [
-380,
100
],
"parameters": {
"color": 3,
"width": 1000,
"height": 360,
"content": "## 🕓 通过 NVD 跟踪 CVE 的变更历史并记录每次更新"
},
"typeVersion": 1
},
{
"id": "71f9bf5e-5ccd-4752-a583-6f751071b239",
"name": "便签",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1140,
-340
],
"parameters": {
"width": 740,
"height": 800,
"content": "# NVD(国家漏洞数据库)"
},
"typeVersion": 1
},
{
"id": "16151bff-6c9d-441e-9ee5-5c73a2d3135a",
"name": "便签1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-60,
-260
],
"parameters": {
"color": 7,
"width": 150,
"height": 80,
"content": "NVD API 密钥(通过 HTTP Header 认证)⬇️"
},
"typeVersion": 1
},
{
"id": "05222357-d84d-4615-9bfd-635ddc7c68b7",
"name": "便签说明4",
"type": "n8n-nodes-base.stickyNote",
"position": [
-60,
160
],
"parameters": {
"color": 7,
"width": 150,
"height": 80,
"content": "NVD API 密钥(通过 HTTP Header 认证)⬇️"
},
"typeVersion": 1
}
],
"active": true,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "8c8d7836-7657-435e-bd05-e2223ddc0c1e",
"connections": {
"Fetch CVE from NVD API": {
"main": [
[
{
"node": "Parse CVE JSON → Flat Format",
"type": "main",
"index": 0
}
]
]
},
"Webhook: Get CVE Details": {
"main": [
[
{
"node": "Fetch CVE from NVD API",
"type": "main",
"index": 0
}
]
]
},
"Fetch CVE History from NVD API": {
"main": [
[
{
"node": "Parse CVE History JSON → Flat Format",
"type": "main",
"index": 0
}
]
]
},
"Parse CVE JSON → Flat Format": {
"main": [
[
{
"node": "Log CVE Metadata to Sheet",
"type": "main",
"index": 0
}
]
]
},
"Webhook: Get CVE Change History": {
"main": [
[
{
"node": "Fetch CVE History from NVD API",
"type": "main",
"index": 0
}
]
]
},
"Parse CVE History JSON → Flat Format": {
"main": [
[
{
"node": "Log CVE History to Sheet",
"type": "main",
"index": 0
}
]
]
}
}
}常见问题
如何使用这个工作流?
复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。
这个工作流适合什么场景?
中级 - 人工智能, 安全运维
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
相关工作流推荐
安全隐私合规订阅源智能摘要
面向安全、隐私和合规订阅源的智能AI摘要
Set
Code
Sort
+8
43 节点Niranjan G
人工智能
自动化AWS IAM密钥泄露响应,使用Slack和Claude AI
自动化AWS IAM密钥泄露响应,使用Slack和Claude AI
Set
Code
Merge
+12
40 节点Niranjan G
人工智能
🕵️♂️ 自动GitHub扫描器 - 检测暴露的AWS IAM密钥
自动GitHub扫描器 - 检测暴露的AWS IAM密钥
If
Code
Wait
+6
18 节点Niranjan G
安全运维
AI房地产经纪人:端到端运营自动化(网络、数据、语音)
AI房地产经纪人:端到端运营自动化(网络、数据、语音)
If
Set
Code
+16
45 节点Sam Yassine
销售
AI Telegram 和 WhatsApp Business 代理
AI 驱动的 Telegram 和 WhatsApp Business 代理工作流
If
Set
Code
+8
21 节点Amanda Benks
人工智能
使用GPT-4o、WordPress和LinkedIn发布自动化RSS内容到博客文章
使用GPT-4o、WordPress和LinkedIn发布自动化RSS内容到博客文章
If
Set
Code
+21
40 节点Immanuel
人工智能
工作流信息
难度等级
中级
节点数量13
分类2
节点类型5
作者
Niranjan G
@niranjanCybersecurity leader turning complex workflows into seamless, AI-driven automations.
外部链接
在 n8n.io 查看 →
分享此工作流