API documentation

A JSON API over the ResilientX Security - CVE Navigator data: CVE records with CVSS, EPSS exploit prediction, CISA KEV status, CPE matching, vendor/product browsing, bulk prioritization, identifier resolution, and EU (EUVD) cross-references. Almost every endpoint is an HTTPS GET returning JSON (Prioritize is a POST). Base URL: https://community.resilientx.com.

Authentication & rate limits

The public API is free and needs no key. Every data endpoint — /api/v1/*, /enrich, and the legacy /cve/details and /api/cvefor — shares one budget of 30 requests per minute per IP; only /health and /status are exempt. For higher limits we issue an API key, sent as Authorization: Bearer YOUR_KEY or X-API-Key: YOUR_KEY, which bypasses the limit. Request one at [email protected].

Endpoints

Compatibility endpoints (legacy)

Frequently asked questions

Is the API free, and do I need a key?
The public API is free and needs no key. Every data endpoint shares one budget of 30 requests per minute per IP; an API key bypasses that limit. Request one at [email protected].
What format does the API return?
JSON over HTTPS. Almost every endpoint is a GET (bulk Prioritize is a POST). A machine-readable OpenAPI 3.1 specification is available at /api/v1/openapi.json.
How do I look up a single CVE?
GET /api/v1/cves/{id} returns the full record — CVSS, CWE, references, affected CPEs, EPSS, CISA KEV, and EUVD cross-references.
How do I find CVEs affecting a product?
Use GET /api/v1/cpe?cpe={cpe2.3} for a CPE match, or GET /api/v1/vendors/{vendor}/{product} to browse a vendor/product pair.

Higher limits and commercial use: [email protected].