API Overview

The CyberSecFeed API provides comprehensive vulnerability intelligence through a RESTful interface.

Base URL

All API requests should be made to:

https://api.cybersecfeed.com

API Version

The current API version is v1.5. All endpoints are prefixed with /api/v1/.

Latest Features (v1.5) - Now Production Default

All v1.5 features are now enabled by default with no feature flags required:

  • Advanced Sorting: Sort by severity, EPSS score, published/modified dates (8 sort options)
  • Field Selection: Reduce payload size by up to 85% with selective field returns
  • Severity Level Filtering: Filter by named severity levels (critical/high/medium/low)
  • Exploit Filtering: Filter for exploitable CVEs (KEV + enrichment-based detection)
  • Enterprise Batch Endpoint: POST /api/v1/cve/batch with 86% cost savings (35 credits for up to 50 CVEs)
  • Credit-Based Pricing: Transparent, usage-based pricing with no rate limits on paid plans
  • Enhanced EPSS Integration: Complete EPSS scores and percentile rankings
  • Comprehensive Threat Intelligence: KEV, EPSS, and enrichment data in all responses

Authentication

All API requests require authentication using an API key provided in the request headers.

Required Header

X-API-Key: your-api-key-here

Example Request with Authentication

curl -H "X-API-Key: your-api-key-here" \
  https://api.cybersecfeed.com/api/v1/ping

Credit System

All API endpoints consume credits based on computational cost and value delivered:

  • Most endpoints cost 1-5 credits per request
  • Batch operations offer significant savings (35 credits for up to 50 CVEs vs 250 for individual calls)
  • Free plans include 1,000 credits/month with basic rate limiting
  • Paid plans have no rate limits, only monthly credit quotas

Monitor your usage via the /api/v1/usage endpoint.

Requests without a valid API key will receive a 401 Unauthorized response. Requests exceeding your credit quota will receive a 429 Too Many Requests response.

Response Format

All API responses follow a consistent JSON structure:

{
  "data": {
    // Response data specific to the endpoint
  },
  "meta": {
    "timestamp": "2024-01-25T12:00:00Z",
    "version": "v1",
    "correlationId": "unique-request-id"
  }
}

Success Responses

Success responses will have HTTP status codes in the 2xx range and include the requested data in the data field.

Error Responses

Error responses will have appropriate HTTP status codes (4xx or 5xx) and include error details:

{
  "error": {
    "code": "ERROR_CODE",
    "message": "Human-readable error message",
    "details": {
      // Additional error context
    }
  },
  "meta": {
    "timestamp": "2024-01-25T12:00:00Z",
    "version": "v1",
    "correlationId": "req-12345"
  }
}
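
Client-side handling of the success and error envelopes and the 401/429 status codes described above, as an added example (not CyberSecFeed's own code). ApiError, build_headers and parse_response are hypothetical names, the sample bodies are constructed, and treating 5xx as retryable is an assumption.

```python
import json

class ApiError(Exception):
    """Error envelope from the API, carrying the request's correlationId."""
    def __init__(self, status, code, message, correlation_id, retryable):
        super().__init__(f"{status} {code}: {message} (correlationId={correlation_id})")
        self.status, self.code = status, code
        self.correlation_id, self.retryable = correlation_id, retryable

def build_headers(api_key):
    """Headers the page documents; the key is passed in, never hard-coded."""
    if not api_key or api_key != api_key.strip():
        raise ValueError("API key is empty or has stray whitespace")
    return {"X-API-Key": api_key, "Content-Type": "application/json",
            "Accept-Encoding": "gzip"}

def _obj(value):
    """Return value if it is a JSON object, else an empty dict."""
    return value if isinstance(value, dict) else {}

def parse_response(status, body):
    """Return (data, correlation_id) for a 2xx envelope; raise ApiError otherwise."""
    try:
        doc = _obj(json.loads(body))
    except ValueError:  # non-JSON body, e.g. an HTML page from an intermediary
        doc = {}
    cid = _obj(doc.get("meta")).get("correlationId")
    if 200 <= status < 300 and "data" in doc:
        return doc["data"], cid
    err = _obj(doc.get("error"))
    # 401 (invalid key) and 429 (credit quota exceeded, per the page) will not
    # succeed on an immediate retry. Treating 5xx as retryable is an assumption.
    raise ApiError(status, err.get("code", "UNKNOWN"),
                   err.get("message", "no error envelope in response"),
                   cid, retryable=status >= 500)

# Constructed sample bodies in the documented envelope shape.
OK_BODY = ('{"data": {"status": "ok"}, "meta": {"timestamp": "2024-01-25T12:00:00Z", '
           '"version": "v1", "correlationId": "req-1"}}')
ERR_BODY = ('{"error": {"code": "ERROR_CODE", "message": "Human-readable error message", '
            '"details": {}}, "meta": {"correlationId": "req-12345"}}')

if __name__ == "__main__":
    print(parse_response(200, OK_BODY))
    try:
        parse_response(429, ERR_BODY)
    except ApiError as exc:
        print(exc, "retryable:", exc.retryable)
```

Logging the correlationId from the exception, rather than the request headers, keeps the API key out of application logs while still giving a reference for the failed request.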

Content Type

All requests and responses use JSON format. Include the following header in your requests:

Content-Type: application/json

HTTP Methods

The API uses standard HTTP methods:

  • GET: Retrieve data (CVE details, lists, statistics)
  • POST: Batch operations (/api/v1/cve/batch for bulk CVE retrieval)
  • PUT: Not currently used
  • DELETE: Not currently used

Compression

Responses are automatically compressed using gzip when supported by the client. Include the following header to enable compression:

Accept-Encoding: gzip

CORS Support

The API supports Cross-Origin Resource Sharing (CORS) for browser-based applications. Allowed origins must be configured in your account settings.