API Resources

GET
/v3/identify

Request identifiers related to a (vendor, product, version) query

VulnCheck converts (vendor, product, version) queries and returns a best match CPE and PURL identifiers.

Path Parameters

vendor
string
Values for this attribute should describe or identify the person or organization that manufactured or created the product. Any character string meeting the requirements for Well-formed Names (WFNs) may be specified as the value of the attribute.
product
string
The name of the system/package/component. Product and vendor are sometimes identical. It can not contain spaces, slashes, or most special characters. An underscore should be used in place of whitespace characters.
version
string
The version of the system/package/component. This is typically a semantic version string, but may very by vendor.

Example Requests

curl --request GET \
    --url 'https://api.vulncheck.com/v3/identify?vendor=microsoft%20corporation&product=office%202016' \
    --header 'Accept: application/json' \
    --header 'Authorization: Bearer insert_token_here'

Response

[
  {
    "identity": {
      "part": "a",
      "vendor": "microsoft",
      "product": "office",
      "version": "2016",
      "year": "2016"
    },
    "attributes": {
      "update": "*",
      "edition": "*",
      "language": "*",
      "sw_edition": "*",
      "target_sw": "*",
      "target_hw": "*",
      "other": "*"
    },
    "normalized": {
      "title": "Office 2016",
      "version": "2016"
    },
    "identifiers": {
      "cpe": [
        {
          "value": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*",
          "confidence": {
            "level": "medium",
            "source": "inference"
          },
          "aliases": []
        }
      ],
      "purl": []
    },
    "suggestions": {
      "cpe": [],
      "purl": []
    },
    "lifecycle": {
      "created_at": "2025-09-12T16:53:23.307436"
    }
  }
]

/v3/search/cpe

Introduction to Indices