API Concepts Manage API Key
Internet Data
DNSIQ® WHOISIQ™ SSL Certificates Blacklist Lookup Host Attributes
Attack Analytics
Newly Observed Domains Newly Observed Hosts Malware Phishing Scam Content
Digital Footprint
Global Inventory API Global Inventory Schema Risk Metric Schema Workspace Management API
Coming Soon
Getting Started Actions Artifact Articles Attack Surface Intelligence Intel Profiles Data Card Enrichment Services Monitor Project SSL Certificates Tag Artifact Trackers Host Attributes Cookies Components Passive DNS Whois Bulk Enrichment Reputation Vulnerability Intelligence

Vulnerability Intelligence

RiskIQ's Vulnerability Intelligence provides a practical picture of vulnerability risk. By using the Vulnerability Intelligence API, Threat Hunters and Incident Responders can easily automate the latest detections of CVEs on Attack Surfaces worldwide including exploits, dark web chatter, and malware associations.


What It Looks Like

Vulnerability Article

Get Vulnerability Article for a CVE

Retrieves the CVE with corresponding components, attack surface, and third-party details

Curl Example

$ curl -u $USERNAME:$KEY 'https://api.riskiq.net/pt/v2/vuln-intel/article/CVE-2016-6797'


    "cveInfo": {
        "cveId": "CVE-2016-6797",
        "description": "The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.",
        "cwes": [
                "cweId": "CWE-284"
        "priorityScore": 75.0,
        "cvss2Score": 5.0,
        "cvss3Score": 7.5,
        "datePublished": "2017-08-11 05:29:00",
        "dateCreated": null,
        "datePublisherUpdate": "2020-10-06 05:15:00",
        "references": [
                "url": "http://www.securityfocus.com/bid/93940",
                "name": "93940"
    "components": [
            "name": "Apache Software Foundation Tomcat 7.0.14"
    "articlesLink": "https://api.riskiq.net/v2/articles/?query=CVE-2016-6797"
    "observationCount": 2,
    "impactedThirdParties": [
            "vendorID": 41801,
            "name": "Aon Plc",
            "assetCount": 7