VulnerableCode.io REST API

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/109097?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109097?format=api",
    "vulnerability_id": "VCID-53rt-69qa-yfdx",
    "summary": "ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.",
    "aliases": [
        {
            "alias": "CVE-2025-67418"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67418",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.0054",
                    "scoring_system": "epss",
                    "scoring_elements": "0.68147",
                    "published_at": "2026-06-13T12:55:00Z"
                },
                {
                    "value": "0.0054",
                    "scoring_system": "epss",
                    "scoring_elements": "0.68046",
                    "published_at": "2026-06-11T12:55:00Z"
                },
                {
                    "value": "0.0054",
                    "scoring_system": "epss",
                    "scoring_elements": "0.68134",
                    "published_at": "2026-06-12T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67418"
        },
        {
            "reference_url": "http://clipbucket.com",
            "reference_id": "clipbucket.com",
            "reference_type": "",
            "scores": [
                {
                    "value": "9.8",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "value": "Track*",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-22T19:51:43Z/"
                }
            ],
            "url": "http://clipbucket.com"
        },
        {
            "reference_url": "https://medium.com/@arpit03sharma2003/cve-2025-67418-when-default-credentials-become-a-remote-root-button-03be5ee4b927",
            "reference_id": "cve-2025-67418-when-default-credentials-become-a-remote-root-button-03be5ee4b927",
            "reference_type": "",
            "scores": [
                {
                    "value": "9.8",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "value": "Track*",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-22T19:51:43Z/"
                }
            ],
            "url": "https://medium.com/@arpit03sharma2003/cve-2025-67418-when-default-credentials-become-a-remote-root-button-03be5ee4b927"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": "9.8 - 9.8",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53rt-69qa-yfdx"
}

Vulnerability Instance