The Vulnerability Search API endpoint empowers clients to perform advanced, flexible searches over a large corpus of vulnerability data. It is designed to support a wide variety of use cases, including threat intelligence analysis, vulnerability management workflows, reporting, and automated ingestion into security platforms.
This endpoint provides a robust and highly customizable interface through an extensive set of query parameters. Users can precisely filter and narrow down results based on:
Free-text search in titles, descriptions, and metadata,
Specific vendor and product names to isolate relevant software or hardware vulnerabilities,
Date ranges for when vulnerabilities were identified or last updated,
Severity scoring filters using CVSS (Common Vulnerability Scoring System) and EPSS (Exploit Prediction Scoring System),
Risk ratings to capture organizational severity categories,
Tags for thematic or contextual classification (e.g., ransomware, zero-day, remote code execution),
Options to include advanced metadata, return only IDs, and control pagination of results.
Whether the goal is to locate high-risk vulnerabilities for a particular vendor in a defined timeframe or to extract a structured list of vulnerability IDs for automation purposes, this endpoint enables deep and accurate data access with high performance and clarity.
✅ Common Use Cases
Identify all critical vulnerabilities affecting a given vendor and product in the last 30 days.
Export a list of vulnerability IDs with a CVSS score above 7.5 and EPSS score above 0.5.
Filter vulnerabilities by assigned tags such as supply-chain, rce, or phishing.
Generate weekly or monthly reports based on date filters and severity levels.
Drive automated remediation workflows by pulling targeted vulnerability sets
Parameter | Type | Required | Description |
|---|---|---|---|
| string | Yes | General text search across vulnerability descriptions and metadata. |
| string | Yes | Filters vulnerabilities by vendor name. |
| string | Yes | Filters vulnerabilities by product name. |
| string (ISO 8601 date) | Yes | Start date for the "identified" date range filter. |
| string (ISO 8601 date) | Yes | End date for the "identified" date range filter. |
| string (ISO 8601 date) | Yes | Start date for the "updated" date range filter. |
| string (ISO 8601 date) | Yes | End date for the "updated" date range filter. |
| string[] | Yes | List of tags to filter vulnerabilities (e.g., `["CisaKev","NotInNvd", "PotentialPoc", "MetasploitModule", "NucleiTemplate", "PatchTuesday", "PotentialPublicExploit", "CytidelSpotlight", "KnownThreatActor", "GithubRepo"]`). |
| number | Yes | Minimum CVSS score for filtering. |
| number | Yes | Maximum CVSS score for filtering. |
| number | Yes | Minimum EPSS score for filtering. |
| number | Yes | Maximum EPSS score for filtering. |
| boolean | Yes | Include vulnerabilities with a Low risk rating. |
| boolean | Yes | Include vulnerabilities with a Moderate risk rating. |
| boolean | Yes | Include vulnerabilities with an Elevated risk rating. |
| boolean | Yes | Include vulnerabilities with a High risk rating. |
| boolean | Yes | Include vulnerabilities with a Significant risk rating. |
| string | Yes | Additional keyword filter on free-form text fields. |
| boolean | Yes | If true, includes extended metadata in the response. |
| boolean | Yes | If true, response will return only vulnerability IDs without full details. |
| number | Yes | Page number for pagination. |
| number | Yes | Number of results per page. |