CVE速览
中级
这是一个Miscellaneous, AI Summarization, Multimodal AI领域的自动化工作流,包含 12 个节点。主要使用 Set, Slack, SplitOut, HttpRequest, Agent 等节点。 使用Gemini AI监控新CVE漏洞用于漏洞赏金狩猎并发送Slack警报
前置要求
- •Slack Bot Token 或 Webhook URL
- •可能需要目标 API 的认证凭证
- •Google Gemini API Key
工作流预览
可视化展示节点连接关系,支持缩放和平移
导出工作流
复制以下 JSON 配置到 n8n 导入,即可使用此工作流
{
"id": "Mg7AXksWUAkq3gfL",
"meta": {
"instanceId": "c5257b5cf4d48704d636909c07c4408a69d6799d0a855eab46287eeb702c84b0",
"templateCredsSetupCompleted": true
},
"name": "CVE 速览",
"tags": [],
"nodes": [
{
"id": "3f9c06b8-41e5-4328-bea9-f58408b6b944",
"name": "计划触发器",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
-672,
192
],
"parameters": {
"rule": {
"interval": [
{
"field": "hours"
}
]
}
},
"typeVersion": 1.2
},
{
"id": "5e7e6a0f-8ae6-4190-b85d-c0615b5af6ff",
"name": "📒 概述",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1360,
128
],
"parameters": {
"color": 4,
"width": 556,
"height": 228,
"content": "## 🎯 CVE 速览 - 漏洞赏金 CVE 监控器"
},
"typeVersion": 1
},
{
"id": "3f6d4779-9fef-47ef-8ac4-ba4f57a8caf3",
"name": "HTTP 请求",
"type": "n8n-nodes-base.httpRequest",
"position": [
-448,
192
],
"parameters": {
"url": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"options": {},
"sendQuery": true,
"queryParameters": {
"parameters": [
{
"name": "pubStartDate",
"value": "={{ new Date(Date.now() - 60 * 60 * 1000).toISOString() }}"
},
{
"name": "pubEndDate",
"value": "={{ new Date().toISOString() }}"
},
{
"name": "resultsPerPage",
"value": "20"
},
{
"name": "startIndex",
"value": "0"
}
]
}
},
"typeVersion": 4.2
},
{
"id": "534cbfa4-7db1-4a70-92e8-0b07fc0fa07a",
"name": "📒 NIST API",
"type": "n8n-nodes-base.stickyNote",
"position": [
-560,
-160
],
"parameters": {
"color": 2,
"width": 344,
"height": 204,
"content": "## 🔍 NIST CVE API"
},
"typeVersion": 1
},
{
"id": "a61a8245-ac38-4b35-8ad3-398c1a3209ff",
"name": "分离输出",
"type": "n8n-nodes-base.splitOut",
"position": [
-256,
192
],
"parameters": {
"options": {},
"fieldToSplitOut": "vulnerabilities"
},
"typeVersion": 1
},
{
"id": "0909109e-ae80-48ee-80f0-6e003b3cbb92",
"name": "编辑字段",
"type": "n8n-nodes-base.set",
"position": [
-48,
192
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "56767386-f217-4b9e-ba8d-518dd98e5a25",
"name": "cve",
"type": "string",
"value": "={{ $json.cve.id }}"
},
{
"id": "74c34102-5090-4bc5-99d3-4403366eff89",
"name": "published",
"type": "string",
"value": "={{ \n new Date($json.cve.published).toLocaleString('en-GB', { \n timeZone: 'UTC',\n weekday: 'short',\n year: 'numeric',\n month: 'short',\n day: 'numeric',\n hour: '2-digit',\n minute: '2-digit',\n hour12: false\n }) + ' (UTC)' \n}}"
},
{
"id": "a23a198f-fac6-425a-9f0a-2aa48cf5225b",
"name": "cve_descriptions",
"type": "string",
"value": "={{ $json.cve.descriptions[0].value }}"
},
{
"id": "ed88ec1b-7b98-477f-87f0-e7353b794129",
"name": "severity",
"type": "string",
"value": "={{\n $json.cve.metrics.cvssMetricV40\n ? $json.cve.metrics.cvssMetricV40[0].cvssData.baseSeverity + ' (' + $json.cve.metrics.cvssMetricV40[0].cvssData.baseScore + ')'\n : $json.cve.metrics.cvssMetricV31\n ? $json.cve.metrics.cvssMetricV31[0].cvssData.baseSeverity + ' (' + $json.cve.metrics.cvssMetricV31[0].cvssData.baseScore + ')'\n : $json.cve.metrics.cvssMetricV30\n ? $json.cve.metrics.cvssMetricV30[0].cvssData.baseSeverity + ' (' + $json.cve.metrics.cvssMetricV30[0].cvssData.baseScore + ')'\n : $json.cve.metrics.cvssMetricV2\n ? $json.cve.metrics.cvssMetricV2[0].cvssData.baseSeverity + ' (' + $json.cve.metrics.cvssMetricV2[0].cvssData.baseScore + ')'\n : 'Unknown'\n}}"
},
{
"id": "992a9a62-3980-4287-8a47-4fb2e46220a5",
"name": "references",
"type": "string",
"value": "={{ $json.cve.references[0].url }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "45d4125a-338b-4821-a40f-7b95000e9a1d",
"name": "📒 处理",
"type": "n8n-nodes-base.stickyNote",
"position": [
-320,
448
],
"parameters": {
"color": 3,
"width": 298,
"height": 226,
"content": "## ⚙️ 数据处理"
},
"typeVersion": 1
},
{
"id": "c03e59c1-16ba-4d19-8c8c-0a029158ce35",
"name": "Google Gemini聊天模型",
"type": "@n8n/n8n-nodes-langchain.lmChatGoogleGemini",
"position": [
32,
400
],
"parameters": {
"options": {},
"modelName": "models/gemini-2.5-pro"
},
"credentials": {
"googlePalmApi": {
"id": "9X33EcTu2Vxq1AUX",
"name": "Google Gemini Cheekymisa"
}
},
"typeVersion": 1
},
{
"id": "65ffe2f0-c788-44c4-b8cd-d0b49a3ef6ea",
"name": "CVE 摘要生成器",
"type": "@n8n/n8n-nodes-langchain.agent",
"position": [
160,
192
],
"parameters": {
"text": "=CVE: {{ $json.cve }}\nSeverity: {{ $json.severity }}\nPublished: {{ $json.published }}\nDescription: {{ $json.cve_descriptions }}\nRef: {{ $json.references }}`",
"options": {
"systemMessage": "=You are a CVE relevance analyzer for elite bug bounty hunters. You analyze CVE data and return **well-structured, Slack-ready assessments** with high exploitation value.\n\nYour audience is an elite-level bug bounty hunter. Your job is to extract only what helps them:\n* Decide if this CVE is worth their time\n* Find similar patterns on their targets \n* Use actionable testing strategies\n\n---\n\n**Mindset & Output Philosophy**\n\n* Focus only on real, actionable techniques for bug bounty testing\n* Do not explain basic vulnerability concepts\n* Think modularly - what can be reused, chained, or tested on other targets?\n* Your assessment should help the hunter immediately decide:\n -> \"Can I use this on my targets?\"\n -> \"Should I prioritize this?\"\n -> \"What should I test?\"\n\n---\n\n**Required Output Format** (Slack-Optimized)\n\n\n*CVE:* <Reference-Link|CVE-ID> | *Severity:* SEVERITY-LEVEL\n\n🎯 *Bug Bounty Relevance:* HIGH/MEDIUM/LOW/NONE\n\n[1-2 precise lines explaining why this matters for bug bounty based on the exact CVE description - be specific to the vulnerability, not generic]\n\n*Strategy:* [One actionable technique - mass scan targets, test specific endpoints, check for patterns, etc.]\n\n\n---\n\n**Critical Formatting Rules**\n\n* Use Slack hyperlink format: `<https://example.com|Display Text>` \n* This creates a clickable \"Display Text\" that links to the URL\n* The URL itself will NOT be visible in Slack\n* Use asterisks for bold: `*Bold Text*`\n* Keep total response under 5 lines\n* Always include the exact CVE description as provided\n* Be brutally honest about bounty relevance\n\n---\n\n**Example Output:**\n\n\n*CVE:* <https://github.com/Pierrad/obsidian-github-copilot/releases/tag/1.1.7|CVE-2025-58401> | *Severity:* MEDIUM (5.1)\n\n🎯 *Bug Bounty Relevance:* HIGH\n\nObsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account.\n\n*Strategy:* Target apps with GitHub integrations; check localStorage, sessionStorage, and API responses for exposed tokens.\n\n\n**Low Relevance Example:**\n\n\n*CVE:* <https://example.com/advisory|CVE-2025-12345> | *Severity:* HIGH (8.2)\n\n🎯 *Bug Bounty Relevance:* NONE\n\nKernel-level privilege escalation requiring local system access. Not testable through web interfaces or external attack surface.\n\n*Strategy:* Skip - infrastructure vulnerability outside bounty scope.\n\n\n---\n\n**Reminder**\n\nKeep all output Slack-safe, well-formatted, and directly useful for offensive testing. Your job is to surface only the **most operationally valuable** content for bug bounty hunting.\n\nAlways think: **\"What would a skilled bounty hunter test differently because of this CVE?\"**"
},
"promptType": "define"
},
"typeVersion": 2.2
},
{
"id": "f8617b9c-00af-4d63-b652-0ecc30893058",
"name": "📒 AI 分析",
"type": "n8n-nodes-base.stickyNote",
"position": [
96,
-176
],
"parameters": {
"color": 6,
"width": 376,
"height": 304,
"content": "## 🤖 AI 分析"
},
"typeVersion": 1
},
{
"id": "e7efc350-1476-44c9-a1c4-269f5bd030b8",
"name": "发送消息",
"type": "n8n-nodes-base.slack",
"position": [
512,
192
],
"webhookId": "73f0bf25-0c43-4d3f-94d5-8f66bf318592",
"parameters": {
"text": "={{ $json.output }}",
"select": "channel",
"channelId": {
"__rl": true,
"mode": "list",
"value": "",
"cachedResultName": "your-channel"
},
"otherOptions": {
"includeLinkToWorkflow": false
}
},
"credentials": {
"slackApi": {
"id": "KMn1ITf3sSzQKWoQ",
"name": "Slack Whisper bot"
}
},
"typeVersion": 2.3
},
{
"id": "8483eb0f-02c9-4314-8264-551980e46053",
"name": "📒 Slack 设置",
"type": "n8n-nodes-base.stickyNote",
"position": [
768,
128
],
"parameters": {
"color": 5,
"width": 464,
"height": 240,
"content": "## 💬 Slack 集成"
},
"typeVersion": 1
}
],
"active": false,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "84076fbc-d57e-45a5-9dae-6d4379a950ea",
"connections": {
"Split Out": {
"main": [
[
{
"node": "Edit Fields",
"type": "main",
"index": 0
}
]
]
},
"Edit Fields": {
"main": [
[
{
"node": "CVE Summarizer",
"type": "main",
"index": 0
}
]
]
},
"HTTP Request": {
"main": [
[
{
"node": "Split Out",
"type": "main",
"index": 0
}
]
]
},
"CVE Summarizer": {
"main": [
[
{
"node": "Send a message",
"type": "main",
"index": 0
}
]
]
},
"Schedule Trigger": {
"main": [
[
{
"node": "HTTP Request",
"type": "main",
"index": 0
}
]
]
},
"Google Gemini Chat Model": {
"ai_languageModel": [
[
{
"node": "CVE Summarizer",
"type": "ai_languageModel",
"index": 0
}
]
]
}
}
}常见问题
如何使用这个工作流?
复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。
这个工作流适合什么场景?
中级 - 杂项, AI 摘要总结, 多模态 AI
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
相关工作流推荐
会议记录通知
使用Gemini AI和Slack通知自动化会议笔记摘要
Set
Code
Slack
+9
16 节点Sayone Technologies
AI 摘要总结
使用Gemini、Slack和Notion从新闻简报创建AI情报摘要
使用Gemini、Slack和Notion从新闻简报创建AI情报摘要
Set
Code
Gmail
+12
19 节点Harry Siggins
杂项
每日 WhatsApp 群组智能分析:GPT-4.1 分析与语音消息转录
每日 WhatsApp 群组智能分析:GPT-4.1 分析与语音消息转录
If
Set
Code
+20
52 节点Daniel Lianes
杂项
使用AI分析检测病毒式YouTube视频并发送邮件报告
使用AI分析检测病毒式YouTube视频并发送邮件报告
Set
Code
Sort
+14
26 节点gclbck
杂项
使用 Claude 和 MCP 通过 Slack 为 Meta Ads 广告系列生成 AI 报告
通过 Slack 使用 Claude 和 Pipeboard MCP 为 Meta Ads 广告系列生成 AI 报告
Set
Slack
Split Out
+5
13 节点Yves Junqueira
杂项
使用Gemini AI视觉分析与Telegram警报监控X平台品牌提及
使用Gemini AI视觉分析与Telegram警报监控X平台品牌提及
If
Set
Code
+13
24 节点Atta
杂项
