Vulnetix
Try Vulnetix Request Demo

The right vulnerability data.
Where your decisions happen.

The most comprehensive collation of vulnerability and exploit intelligence in the world — 160+ databases aggregated into one normalised, enriched API. Delivered through CLI, REST API (OpenAPI v2, GA), and AI coding agents. Free community tier.

Try the Console

What's in the VDB

Vulnerability Intelligence

Aggregated from CVE.org, NVD, EUVD, Google OSI, OSV, GitHub Security Advisories, VulDB, and 150+ more sources. Every CVE enriched with CVSS v2/v3/v4, EPSS, SSVC, and KEV status.

Exploit Intelligence

18+ exploit sources including ExploitDB, Metasploit, GitHub PoCs, and NVD. Know which vulnerabilities have working exploits before you triage.

Fix Intelligence

Patch availability, vendor advisories, and remediation guidance correlated across all vulnerability sources.

Package Risk

Search packages across npm, PyPI, Maven, RubyGems, crates.io, Go modules, NuGet, and more. Identify malicious packages, version ranges, and safe upgrade paths.

Scorecards

OpenSSF Scorecard integration for open source project security health scoring.

SOC Detection Content

Snort/Suricata IDS/IPS rules, YARA signatures, Nuclei templates and MITRE ATT&CK technique chains — generated from exploit intelligence, ready for the SOC pipeline.

SOC / Detection Engineering

Turn a CVE into deployable defence. Pull detection content straight from the VDB, or ingest the free per-ecosystem STIX feeds into your SIEM, firewall, EDR or CTI platform — no licence, refreshed every 15 minutes.

$ vulnetix vdb snort-rules get CVE-2024-3094    # Snort/Suricata rules (also: list)
$ vulnetix vdb yara-rules get CVE-2024-3094     # YARA signatures (also: list)
$ vulnetix vdb attack-techniques CVE-2024-3094  # MITRE ATT&CK chain
$ vulnetix vdb exploits CVE-2024-3094 -o json   # Snort/YARA/Nuclei/Metasploit/ExploitDB/PoCs

Free STIX 2.1 threat-intel feeds (malicious DNS + URLs): Generic DNS STIX · Generic URLs STIX · per-ecosystem feeds →

Supported Ecosystems

npm PyPI Maven RubyGems crates.io Go modules NuGet Composer Hex SwiftPM Conan Alpine Debian Ubuntu RHEL Amazon Linux Windows macOS Android iOS

Pricing

Community — Free

  • 100 queries / week (unauthenticated)
  • 10,000 queries / week with free API key
  • Full VDB access — all endpoints
  • CLI, API, and AI Coding Agent support
  • No credit card required

Get free API key →

Pro — $25 / month

  • 120 requests / minute
  • Priority support
  • Higher rate limits
  • Usage dashboard
  • Billing portal

Enterprise

  • Custom rate limits
  • SLA guarantees
  • Dedicated support
  • On-premise options
  • Data residency

Contact us →

API — OpenAPI v2 (GA)

The REST API is generally available at v2 — a single, stable, fully documented OpenAPI surface. Browse it interactively, download the machine-readable spec, or fetch it from the CLI.

Authentication is optional — the API serves unauthenticated callers on a shared pool. For a free Community key (higher limits), self-serve with one unauthenticated request — credentials come back immediately, no confirmation step:

$ curl -fsS -X POST https://www.vulnetix.com/api/site/v1/register     -H 'Content-Type: application/json' -d '{"email":"you@example.com"}'
{ "orgId": "...", "secret": "...", "apiKey": "...", "jwt": "..." }

$ vulnetix auth login --org-id <orgId> --secret <secret> --store home

Or just run /vulnetix:get-api-key in the Pix AI coding-agent plugin. Get a free API key →

Access Methods

Open Console → Get Free API Key →