Tushar Mishra This workflow corresponds to n8n.io template #7224 — we link there as the canonical source.
This workflow follows the HTTP Request → Informationextractor recipe pattern — see all workflows that pair these two integrations.
The workflow JSON
Copy or download the full n8n JSON below. Paste it into a new n8n workflow, add your credentials, activate. Full import guide →
{
"id": "VSUVQ0IMSqJG3w9T",
"meta": {
"templateId": "2552",
"templateCredsSetupCompleted": true
},
"name": "Extract and Create Vulnerabilities in ServiceNow",
"tags": [],
"nodes": [
{
"id": "e0583472-a450-4582-83bc-84a014bea543",
"name": "Split Out",
"type": "n8n-nodes-base.splitOut",
"position": [
2144,
448
],
"parameters": {
"include": "selectedOtherFields",
"options": {
"destinationFieldName": "body"
},
"fieldToSplitOut": "output.results",
"fieldsToInclude": "pubStartDate,pubEndDate,cveId,cvssV2Severity,Description"
},
"typeVersion": 1
},
{
"id": "a63c3ab3-6aab-43b2-8af6-8b00e24e0ee6",
"name": "OpenAI Chat Model",
"type": "@n8n/n8n-nodes-langchain.lmChatOpenAi",
"position": [
1808,
624
],
"parameters": {
"options": {}
},
"credentials": {
"openAiApi": {
"name": "<your credential>"
}
},
"typeVersion": 1
},
{
"id": "40326966-0c46-4df2-8d80-fa014e05b693",
"name": "Information Extractor",
"type": "@n8n/n8n-nodes-langchain.informationExtractor",
"position": [
1760,
448
],
"parameters": {
"text": "={{$json.data}}",
"options": {
"systemPromptTemplate": "You are an expert data extraction algorithm.\nYour task is to read any given text and extract only the relevant information for NVD CVE API search parameters.\n\nOutput format: Always return a single JSON object called \"results\".\nObject structure: The object may include only the following keys, matching their expected formats:\nstartIndex (integer, \u2265 0)\nresultsPerPage (integer, 1\u20132000)\npubStartDate (string, ISO 8601 date-time)\npubEndDate (string, ISO 8601 date-time)\nmodStartDate (string, ISO 8601 date-time)\nmodEndDate (string, ISO 8601 date-time)\ncvssV2Severity (string, one of: \"LOW\", \"MEDIUM\", \"HIGH\")\ncvssV3Severity (string, one of: \"LOW\", \"MEDIUM\", \"HIGH\", \"CRITICAL\")\nkeywordSearch (string)\ncpeName (string)\ncpeMatchString (string)\nhasCertAlerts (boolean)\nhasCertNotes (boolean)\nhasKev (boolean)\nisVulnerable (boolean)\ncveId (string, pattern: )\nDescription(string)\nIf you cannot find a value for a given attribute, omit that attribute.\nDo not include extra keys or commentary."
},
"schemaType": "manual",
"inputSchema": "{\n \"results\": {\n \"startIndex\": 0,\n \"resultsPerPage\": 10,\n \"pubStartDate\": \"1988-10-01T04:00:00.000Z\",\n \"pubEndDate\": \"1990-10-03T04:00:00.000Z\",\n \"modStartDate\": \"2025-04-03T01:03:51.193Z\",\n \"modEndDate\": \"2025-04-03T01:03:51.193Z\",\n \"cvssV2Severity\": \"HIGH\",\n \"cveId\": \"CVE-1999-0095\",\n \"cpeName\": \"cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*\",\n \"cpeMatchString\": \"cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*\",\n \"isVulnerable\": true,\n \"hasCertAlerts\": false,\n \"hasCertNotes\": true,\n \"hasKev\": false,\n \"cvssV3Severity\": \"HIGH\",\n \"keywordSearch\": \"sendmail\",\n \"description\":\"String\"\n }\n}\n"
},
"typeVersion": 1
},
{
"id": "8ddca560-8da7-4090-b865-0523f95ca463",
"name": "Jina Fetch",
"type": "n8n-nodes-base.httpRequest",
"position": [
1520,
448
],
"parameters": {
"url": "https://r.jina.ai/https://services.nvd.nist.gov/rest/json/cves/2.0/?resultsPerPage=10",
"options": {
"allowUnauthorizedCerts": true
}
},
"typeVersion": 4.1
},
{
"id": "a18d7899-1e0c-49c7-83e9-04f26f695f66",
"name": "Create an incident",
"type": "n8n-nodes-base.serviceNow",
"position": [
2400,
448
],
"parameters": {
"resource": "incident",
"operation": "create",
"authentication": "basicAuth",
"additionalFields": {
"description": "=First Published on : {{$('Split Out').item.json.body.pubStartDate }}\nLast Published on : {{$('Split Out').item.json.body.pubEndDate }}\nSeverity : {{$('Split Out').item.json.body.cvssV2Severity }}\nCVEID : {{$('Split Out').item.json.body.cveId }}\nMatching String: {{$('Split Out').item.json.body.cpeMatchString }}"
},
"short_description": "={{ $json.body.description }}"
},
"credentials": {
"serviceNowBasicApi": {
"name": "<your credential>"
}
},
"typeVersion": 1
},
{
"id": "e7f1f9c0-63a2-4d4a-88cb-e089ea25d823",
"name": "Schedule Trigger",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
1056,
448
],
"parameters": {
"rule": {
"interval": [
{
"triggerAtHour": 7
}
]
}
},
"typeVersion": 1.2
}
],
"active": false,
"settings": {},
"versionId": "d97a1e4a-f450-4c4d-8d85-877a5feebe98",
"connections": {
"Split Out": {
"main": [
[
{
"node": "Create an incident",
"type": "main",
"index": 0
}
]
]
},
"Jina Fetch": {
"main": [
[
{
"node": "Information Extractor",
"type": "main",
"index": 0
}
]
]
},
"Schedule Trigger": {
"main": [
[
{
"node": "Jina Fetch",
"type": "main",
"index": 0
}
]
]
},
"OpenAI Chat Model": {
"ai_languageModel": [
[
{
"node": "Information Extractor",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"Information Extractor": {
"main": [
[
{
"node": "Split Out",
"type": "main",
"index": 0
}
]
]
}
}
}
Credentials you'll need
Each integration node will prompt for credentials when you import. We strip credential IDs before publishing — you'll add your own.
openAiApiserviceNowBasicApi
For the full experience including quality scoring and batch install features for each workflow upgrade to Pro
About this workflow
This n8n workflow automatically fetches the latest CVE data at scheduled intervals, extracts relevant security details, and creates a corresponding Security Incident in ServiceNow for each new vulnerability.
Source: https://n8n.io/workflows/7224/ — original creator credit. Request a take-down →
Related workflows
Workflows that share integrations, category, or trigger type with this one. All free to copy and import.
Deduplicate Scraping Ai Grants For Eligibility Using Ai. Uses splitOut, httpRequest, lmChatOpenAi, informationExtractor. Scheduled trigger; 24 nodes.
This n8n template scrapes a list of AI grants from grants.gov and qualifies them using AI; determining interest and eligibility for the business. It then sends an email alert of interesting items to t
Sign up for Decodo — get better pricing here
Automates the retrieval of Calvin and Hobbes daily comics. Extracts the comic image URL from the website. Translates comic dialogues to English and Korean. Posts the comic and translations to Discord
This n8n workflow automatically monitors RSS feeds for the latest AI vulnerability news, extracts key threat details, and creates a corresponding Security Incident in ServiceNow for each item.