API & Data Consumability

New Batch PURL Vulnerability Endpoint

Endpoint: POST /v3/purls

What’s New:
Supports batch vulnerability checks for thousands of PURLs in a single request.

Performance:
~90% faster than equivalent workloads using /v3/purl (tested with ~5,000 PURLs).

Backward Compatibility:
Existing /v3/purl endpoint remains fully supported.

CLI / GitHub Action Impact:

  • CLI scan command now uses /v3/purls by default.
  • GitHub Action users automatically benefit from significantly faster scans.

Why It Matters:
Enables high-throughput, large-scale package vulnerability analysis without client-side batching or orchestration.

Documentation:
https://docs.vulncheck.com/api/purls

Performance & Reliability

Global Infrastructure Expansion

  • Added S3 access points in two additional international regions.
  • Reduced latency for global users.
  • Improved support for local data residency requirements.

IAM & Backup Access Fix

  • Updated IAM permissions to allow customers to download Juniper backups, resolving a reported access issue.

New Capabilities & Platform Improvements

CLI Enhancements

  • Added an upgrade command, simplifying CLI lifecycle management.

Site & Console Improvements

  • Added pagination to advisory cards.
  • Improved table readability in blog posts.
  • Enhanced vulnerability reporting workflows.

Documentation

  • Introduced automated workflows for index status badges.
  • Published documentation for the new /v3/purls endpoint.

Data Quality Fixes

  • Fixed missing CISA KEV field for CVE-2025-14174.
  • Corrected CPE generation issues affecting Apple watchOS and visionOS.
  • Resolved discrepancies for CVE-2025-0655 and CVE-2024-55890.
  • Fixed KEV override precedence to ensure correct enrichment from CISA KEV and VulnCheck KEV sources.

December 2nd, 2025