Analytics

Get aggregated CVE analytics including severity distribution, CVSS score ranges, source breakdown, and monthly trends.

Endpoint

GET /api/v1/analytics

Parameters

Parameter	Type	Required	Description
`period`	string	No	Aggregation period: `monthly` (default), `weekly`, `daily`
`date`	string	No	Target date for historical analytics (ISO 8601)

Response

json

{
  "success": true,
  "data": {
    "timestamp": "2026-02-06T14:36:24.506Z",
    "period": "analytics_monthly_2026_02",
    "totals": {
      "count": 1234,
      "bySeverity": {
        "critical": 50,
        "high": 200,
        "medium": 600,
        "low": 300,
        "unknown": 84
      },
      "bySource": {
        "mitre": 800,
        "nvd": 400,
        "ghsa": 34
      },
      "byEcosystem": {
        "nixpkgs": 200,
        "npm": 500,
        "PyPI": 300,
        "unknown": 234
      },
      "byCvssRange": {
        "9-10": 50,
        "7-8.9": 200,
        "4-6.9": 600,
        "0.1-3.9": 300,
        "none": 84
      }
    },
    "trends": {
      "newThisMonth": 85,
      "updatedThisMonth": 120
    }
  },
  "cached": true,
  "timestamp": "2026-02-06T14:36:24.751Z"
}

Response Fields

Totals Object

Field	Type	Description
`count`	number	Total CVEs tracked
`bySeverity`	object	Count by severity level (critical, high, medium, low, unknown)
`bySource`	object	Count by data source (mitre, nvd, ghsa, osv, nix_tracker)
`byEcosystem`	object	Count by ecosystem (nixpkgs, npm, PyPI, etc.)
`byCvssRange`	object	Count by CVSS score range

Trends Object

Field	Type	Description
`newThisMonth`	number	CVEs published this month
`updatedThisMonth`	number	CVEs updated this month

Example

bash

# Get current monthly analytics
curl "https://api.vulnpatch.dev/api/v1/analytics"

# Get analytics for January 2026
curl "https://api.vulnpatch.dev/api/v1/analytics?date=2026-01-15"

Code Examples

JavaScriptPython

javascript

async function getAnalytics(date = null) {
  let url = 'https://api.vulnpatch.dev/api/v1/analytics';
  if (date) {
    url += `?date=${encodeURIComponent(date)}`;
  }

  const response = await fetch(url);
  const { data } = await response.json();

  console.log(`Total CVEs: ${data.totals.count}`);
  console.log(`Critical: ${data.totals.bySeverity.critical}`);
  console.log(`New this month: ${data.trends.newThisMonth}`);

  return data;
}

getAnalytics();

python

import requests

def get_analytics(date=None):
    url = "https://api.vulnpatch.dev/api/v1/analytics"
    params = {}
    if date:
        params['date'] = date

    response = requests.get(url, params=params)
    data = response.json()['data']

    print(f"Total CVEs: {data['totals']['count']}")
    print(f"Critical: {data['totals']['bySeverity']['critical']}")
    print(f"New this month: {data['trends']['newThisMonth']}")

    return data

get_analytics()

Use Cases

Security dashboards: Display severity distribution and trends
Reporting: Generate monthly vulnerability reports
Monitoring: Track growth in vulnerability data over time
Ecosystem analysis: Compare vulnerability counts across ecosystems

Caching

Analytics are computed every 30 minutes via cron and cached. The cached field indicates if the response came from cache.

GET /api/v1/stats - Aggregate statistics
GET /api/v1/ecosystem-stats - Per-ecosystem counts
GET /api/v1/severity-breakdown - By severity level

Analytics ​

Endpoint ​

Parameters ​

Response ​

Response Fields ​

Totals Object ​

Trends Object ​

Example ​

Code Examples ​

Use Cases ​

Caching ​

Related Endpoints ​