VulnerableCode.io REST API

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/95003?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95003?format=api",
    "vulnerability_id": "VCID-j1sx-858e-hybu",
    "summary": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nSince there are input\nfields on this webpage with the autocomplete attribute enabled, the input\ncontent could be saved in the browser the user is using.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
    "aliases": [
        {
            "alias": "CVE-2025-66605"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66605",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00056",
                    "scoring_system": "epss",
                    "scoring_elements": "0.17689",
                    "published_at": "2026-06-11T12:55:00Z"
                },
                {
                    "value": "0.00056",
                    "scoring_system": "epss",
                    "scoring_elements": "0.17848",
                    "published_at": "2026-06-12T12:55:00Z"
                },
                {
                    "value": "0.00056",
                    "scoring_system": "epss",
                    "scoring_elements": "0.17864",
                    "published_at": "2026-06-13T12:55:00Z"
                },
                {
                    "value": "0.00056",
                    "scoring_system": "epss",
                    "scoring_elements": "0.17839",
                    "published_at": "2026-06-14T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66605"
        },
        {
            "reference_url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf",
            "reference_id": "YSAR-26-0001-E.pdf",
            "reference_type": "",
            "scores": [
                {
                    "value": "2.1",
                    "scoring_system": "cvssv4",
                    "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T19:02:42Z/"
                }
            ],
            "url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 359,
            "name": "Exposure of Private Personal Information to an Unauthorized Actor",
            "description": "The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected."
        }
    ],
    "exploits": [],
    "severity_range_score": "2.1 - 2.1",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1sx-858e-hybu"
}

Vulnerability Instance