API Resources

GET 1
/v3/index/{index}

Retrieve a paginated list of all documents from the index of your choice. By default, a maximum of 100 documents are shown per page.

Path Parameters

indexrequired
string

Name of an Exploit, Vulnerability, or IP Intelligence index

Query Parameters for All Indexes

cve
string (CVE-YYYY-N{4-7})

Specify a CVE ID to search with.

alias
string

Specify an alias to search with.

iava
string

Specify an IAVA ID to search with.

lastModStartDate
string (YYYY-MM-DD)

Specify a starting last modified date to filter with.

lastModEndDate
string (YYYY-MM-DD)

Specify an ending last modified date to filter with.

pubStartDate
string (YYYY-MM-DD)

Specify a starting published date to filter with.

pubEndDate
string (YYYY-MM-DD)

Specify a starting published date to filter with.

threat_actor
string

Specify a threat actor to search with. VulnCheck supported threat actor names are documented in the threat-actors index.

mitre_id
string

Specify a threat actor's MITRE ATT&CK Group ID to search with.

misp_id
string

Specify a threat actor MISP ID to search with.

ransomware
string

Specify a ransomware group to search with. VulnCheck supported ranswomare groups are documented in the ransomware index.

botnet
string

Specify a botnet name to search with. VulnCheck supported botnets are documented in the botnet index.

Query Parameters for IP Intelligence Indexes

The following optional query parameters apply to the ipintel-3d, ipintel-10d, ipintel-30d, & ipintel-90d IP Intelligence indexes.

asn
string

Specify a ASN (e.g., "AS719") to filter by.

cidr
string

Specify a CIDR to filter by.

country
string

Specify a Country (e.g., "Australia") to filter by.

country_code
string

Specify a Country Code (e.g., "AU") to filter by.

id
string

Specify a detection id ("c2", "initial-access", or "honeypot") to filter by.

Example Requests

curl --request GET \
    --url https://api.vulncheck.com/v3/index/exploits \
    --header "Accept: application/json" \
    --header 'Authorization: Bearer insert_token_here'

Response

{
  "_benchmark": 0.122322,
  "_meta": {
    "timestamp": "2024-02-23T20:35:43.732591251Z",
    "index": "exploits",
    "limit": 100,
    "total_documents": 79387,
    "sort": "_timestamp",
    "parameters": [
      {
        "name": "cve",
        "format": "CVE-YYYY-N{4-7}"
      },
      {
        "name": "alias"
      },
      {
        "name": "iava",
        "format": "[0-9]{4}[A-Z-0-9]+"
      },
      {
        "name": "threat_actor"
      },
      {
        "name": "mitre_id"
      },
      {
        "name": "misp_id"
      },
      {
        "name": "ransomware"
      },
      {
        "name": "botnet"
      },
      {
        "name": "published"
      },
      {
        "name": "lastModStartDate",
        "format": "YYYY-MM-DD"
      },
      {
        "name": "lastModEndDate",
        "format": "YYYY-MM-DD"
      },
      {
        "name": "pubStartDate",
        "format": "YYYY-MM-DD"
      },
      {
        "name": "pubEndDate",
        "format": "YYYY-MM-DD"
      }
    ],
    "order": "desc",
    "page": 1,
    "total_pages": 794,
    "max_pages": 6,
    "first_item": 1,
    "last_item": 100
  },
  "data": [
    {
      "id": "CVE-2023-50387",
      "public_exploit_found": true,
      "commercial_exploit_found": false,
      "weaponized_exploit_found": false,
      "max_exploit_maturity": "poc",
      "reported_exploited": false,
      "reported_exploited_by_threat_actors": false,
      "reported_exploited_by_ransomware": false,
      "reported_exploited_by_botnets": false,
      "inKEV": false,
      "inVCKEV": false,
      "timeline": {
        "nvd_published": "2024-02-14T16:15:00Z",
        "nvd_last_modified": "2024-02-23T02:15:00Z",
        "first_exploit_published": "2024-02-18T00:00:00Z",
        "most_recent_exploit_published": "2024-02-18T00:00:00Z"
      },
      "trending": {
        "github": false
      },
      "epss": {
        "epss_score": 0.03814,
        "epss_percentile": 0.9159,
        "last_modified": "2024-02-23T10:38:41.361178Z"
      },
      "counts": {
        "exploits": 1,
        "threat_actors": 0,
        "botnets": 0,
        "ransomware_families": 0
      },
      "exploits": [
        {
          "url": "https://github.com/knqyf263/CVE-2023-50387",
          "name": "knqyf263/CVE-2023-50387 exploit repository",
          "refsource": "github-exploits",
          "date_added": "2024-02-18T00:00:00Z",
          "exploit_maturity": "poc",
          "exploit_availability": "publicly-available",
          "exploit_type": "initial-access",
          "reference_url": "https://raw.githubusercontent.com/knqyf263/CVE-2023-50387/main/README.md",
          "clone_ssh_url": "git@github.com:knqyf263/CVE-2023-50387.git",
          "clone_ssh_url_cached": "git@git.vulncheck.com:github.com/knqyf263/CVE-2023-50387.git"
        }
      ],
      "date_added": "2024-02-18T00:00:00Z",
      "_timestamp": "2024-02-23T15:15:57.600519Z"
    }
  ]
}