Send Organized Security CVE Digests from NVD with AI-Polished Summaries to Gmail

Summary

Turns the latest CVEs from NVD into a clean, sortable email digest (table + plaintext) and sends it via Gmail. The flow pulls the newest CVEs, extracts Vendor / Product / Version, severity & CVSS, highlights public exploit references, drafts an HTML table, then asks OpenAI to tighten the copy before emailing it. Optionally, you can swap the Gmail node to Signal, Slack, Microsoft Teams, etc.

Perfect for: SecOps leads who want a low-noise digest of what changed recently, grouped and ranked by severity.

What this workflow does

• Triggers on a schedule (every 30 minutes by default).

• Calls the NVD 2.0 API to fetch recent CVEs.

• Parses each CVE to extract:

  • Vendor / Product / Version(s) (from CPE 2.3 where available, with a text fallback)

  • Severity + CVSS (V3.1/V3.0/V2 fallback) and vector string

  • Exploit signal (tags/links like Exploit‑DB, GitHub PoCs, etc.)

  • Short English summary + direct NVD link

• Builds an HTML email (and a plaintext fallback) ranked by severity then score.

• Uses OpenAI to polish the subject line and copy into a concise, professional digest (JSON‑only contract).

• Sends the digest with the Gmail node.

Prerequisites

• NVD API key (free) --- create at https://nvd.nist.gov/developers/request-an-api-key

• OpenAI API key with access to gpt-4o-mini (or change the model)

• Email sending:

  • Gmail node with OAuth2 (recommended), or swap to the generic Email Send (SMTP) node if you prefer.

Quick start

1. Import the workflow JSON below.

2. Open HTTP Request → Headers and confirm apiKey uses {{$env.NVD_API_KEY}}.

3. Open Send a message (Gmail) and set To to {{$env.RECIPIENT_EMAIL}} (or your address).

4. Open OpenAI Email Crafter and connect your OpenAI credential (or change model if needed).

5. Hit Execute to test, then Activate when happy.

Credits

Created by ca7ai (n8n Creator).

Tags

security, cve, cisa, nvd, email, monitoring, openai, gmail, automation