Trending Vulnerabilities
To monitor for trending vulnerabilties, use the vulnerabilities index page, with the 'sort' parameter set to one of the following:
trending_1d
trending_7d
trending_30d
Endpoint to browse vulnerabilities, with filters on some criteria.
A string used to filter vulnerabilities. It can start with specific prefixes to indicate the type of filter:
cve:: Filter by CVE ID.uuid:: Filter by UUID.desc:: Filter by description.gen_description:: Filter by gen_description.gen_display_name:: Filter by gen_display_name.cisa_kev:: Filter by cisa_kev.state:: Filter by state.- If the filter string matches the pattern
CVE-or a UUID pattern, it will be treated as a specific filter. - If no prefix is provided, it defaults to a description filter.
Field to sort by - either cve_id, created_at, updated_at, enriched_at, cvss_base_score, cvss_version, epss_score, epss_percentile, trending_1d, trending_7d, or trending_30d
created_atPattern: ^(cve_id|created_at|updated_at|enriched_at|cvss_base_score|cvss_version|epss_score|epss_percentile|trending_1d|trending_7d|trending_30d)$Sort order - either asc or desc
descPattern: ^(asc|desc)$The number of items to skip before starting to collect the result set.
0The maximum number of items to return.
100Successful Response
Not found
Validation Error
GET /v1/vulnerabilities HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T20:58:20.765Z",
"updated_at": "2025-10-24T20:58:20.765Z",
"enriched_at": "2025-10-24T20:58:20.765Z",
"cve_id": "text",
"state": "text",
"description": "text",
"cvss_base_score": 1,
"cvss_version": 1,
"cvss_vector": "text",
"cvss_source": "text",
"cvss_type": "text",
"cvss_data": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"epss_score": 1,
"epss_percentile": 1,
"cisa_kev_added_at": "2025-10-24T20:58:20.765Z",
"reserved_at": "2025-10-24T20:58:20.765Z",
"published_at": "2025-10-24T20:58:20.765Z",
"upstream_references": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"raw_mitre_cvelist_v5_cves_adp": [
{
"ANY_ADDITIONAL_PROPERTY": "anything"
}
],
"gen_description": "text",
"gen_display_name": "text",
"gen_cwe_id": "text",
"gen_impact": "text",
"gen_mitigations": "text",
"gen_remediation": "text"
}
]
}Once you've identified the ideal aperature, and you'd like more detail about /why/ they are trending, you can simply build a list of the vulnerability uuids and request each one individually, getting recent mentions using the following endpoint:
The unique CVE ID or UUID of the vulnerability to retrieve
Number of items to skip
0Maximum number of items to return
100Field to sort by
published_atPattern: ^(created_at|updated_at|published_at|source)$Sort order
descPattern: ^(asc|desc)$Filter parameter (e.g., 'user_generated_content:true' or 'user_generated_content:false')
Successful Response
Not found
Validation Error
GET /v1/vulnerabilities/{identifier}/mentions HTTP/1.1
Host:
Accept: */*
{
"total": 1,
"offset": 1,
"limit": 1,
"message": "text",
"data": [
{
"uuid": "text",
"created_at": "2025-10-24T20:58:20.765Z",
"updated_at": "2025-10-24T20:58:20.765Z",
"published_at": "2025-10-24T20:58:20.765Z",
"overview": "text",
"context": "text",
"reference_uuid": "text",
"reference_url": "text",
"reference_source": "text",
"reference_user_generated_content": true,
"reference_topic": "text",
"vulnerability_uuid": "text",
"cve_id": "text",
"vulnerability_gen_display_name": "text"
}
]
}Last updated