Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/153142?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/153142?format=api", "vulnerability_id": "VCID-wspm-u7q5-6yf1", "summary": "", "aliases": [ { "alias": "CVE-2009-4906" } ], "fixed_packages": [], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51221", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51282", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4906" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10412.txt", "reference_id": "OSVDB-60971;CVE-2009-4906", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10412.txt" } ], "weaknesses": [], "exploits": [ { "date_added": "2009-12-12", "description": "Acc PHP eMail 1.1 - Cross-Site Request Forgery", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": false, "source_date_published": "2009-12-13", "exploit_type": "webapps", "platform": "php", "source_date_updated": null, "data_source": "Exploit-DB", "source_url": "" } ], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wspm-u7q5-6yf1" }