Get Stats (Aggregate)
Get combined statistics from multiple security data sources in a single request.
Endpoint
GET /api/v1/statsResponse
json
{
"success": true,
"data": {
"nix": {
"openIssues": 24,
"withFix": 2,
"assigned": 6,
"bySeverity": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"unknown": 24
},
"oldestIssue": "2025-11-15T10:30:00.000Z",
"newestIssue": "2026-01-27T17:42:23.000Z"
},
"osv": {
"totalVulnerabilities": 567081,
"totalEcosystems": 38,
"topEcosystems": [
{ "name": "npm", "count": 214344 },
{ "name": "PyPI", "count": 17626 },
{ "name": "Maven", "count": 6135 }
]
},
"last12h": {
"newAdvisories": 7,
"severityCounts": {
"critical": 2,
"high": 1,
"medium": 2,
"low": 2,
"unknown": 0
},
"latest": [
{
"ghsa_id": "GHSA-4486-gxhx-5mg7",
"severity": "medium",
"summary": "PsySH has Local Privilege Escalation via CWD .psysh.php auto-load",
"published_at": "2026-01-30T21:28:44Z"
}
]
}
},
"timestamp": "2026-01-30T12:00:00.000Z"
}Response Fields
nix (Nixpkgs Security Tracker)
| Field | Type | Description |
|---|---|---|
openIssues | number | Total open issues from Nixpkgs Security Tracker |
withFix | number | Issues where a fixed version is available |
assigned | number | Issues assigned to a contributor |
bySeverity | object | Breakdown by severity (critical, high, medium, low, unknown) |
oldestIssue | string|null | ISO timestamp of the oldest open issue |
newestIssue | string|null | ISO timestamp of the newest open issue |
osv (OSV.dev Ecosystems)
| Field | Type | Description |
|---|---|---|
totalVulnerabilities | number | Total vulnerabilities across all ecosystems |
totalEcosystems | number | Number of supported ecosystems |
topEcosystems | array | Top 3 package manager ecosystems by vulnerability count |
last12h (Recent Advisories)
| Field | Type | Description |
|---|---|---|
newAdvisories | number | Advisories published in last 12 hours |
severityCounts | object | Breakdown by severity level |
latest | array | Up to 5 most recent advisories with id, severity, summary, and timestamp |
Example
bash
curl https://api.vulnpatch.dev/api/v1/statsCode Examples
javascript
async function displayStats() {
const response = await fetch('https://api.vulnpatch.dev/api/v1/stats');
const { data } = await response.json();
console.log(`Nix Issues: ${data.nix.openIssues}`);
console.log(`Total Vulnerabilities: ${data.osv.totalVulnerabilities.toLocaleString()}`);
console.log(`New (12h): ${data.last12h.newAdvisories}`);
console.log(`Critical (12h): ${data.last12h.severityCounts.critical}`);
// Show latest advisories
data.last12h.latest.forEach(adv => {
console.log(`[${adv.severity}] ${adv.summary}`);
});
}python
import requests
response = requests.get('https://api.vulnpatch.dev/api/v1/stats')
data = response.json()['data']
print(f"Nix Issues: {data['nix']['openIssues']}")
print(f"Total Vulnerabilities: {data['osv']['totalVulnerabilities']:,}")
print(f"New (12h): {data['last12h']['newAdvisories']}")
# Show latest advisories
for adv in data['last12h']['latest']:
print(f"[{adv['severity']}] {adv['summary']}")Use Cases
- Security dashboards: Display real-time vulnerability counts across ecosystems
- Landing pages: Show "X vulnerabilities tracked" stats
- Monitoring: Track vulnerability disclosure rates over time
- Alerting: Trigger alerts when critical CVEs spike
- News feeds: Show latest advisories from
last12h.latest
Related Endpoints
For more detailed data, use these endpoints:
/api/v1/nix/stats- Detailed Nixpkgs tracker statistics/api/v1/ecosystem-stats- Full ecosystem breakdown/api/v1/recent-advisories- Recent advisory details
Caching
This endpoint is cached for 5 minutes. The X-Cache header indicates cache status.