Sign in Get a demo

Vulnerabilities for a domain, IP, or URL, in one call.

Pass an FQDN, IP, or URL. Get back the technologies detected, the CVEs that affect them, and exploitation-likelihood scoring. The full vuln-discovery pipeline as one endpoint.

Talk to us Browse API docs
WHAT THIS API RETURNS

Vulnerability discovery for a single target.

The Vulnerability Finder API runs the same per-target discovery pipeline that drives Deepinfo's vulnerability ranking workflow. Pass a target URL, FQDN, or IP and the API returns the technologies detected on that target along with the CVEs affecting each technology version.

Each detected vulnerability carries CVSS, EPSS, CISA KEV, and Deepinfo-specific risk scoring. The pipeline runs technology fingerprinting, version inference, and CVE matching against the indexed corpus. The response also includes redirection history and connection state from the underlying probe.

Use this when a target is in scope and the question is about its vulnerable technology surface, not the corpus at large. Pair with the Vulnerability Detail API when you need the full record on any returned CVE.

REQUEST

One endpoint, one required parameter.

Endpoint:

GET https://api.deepinfo.com/v1/discovery/vulnerability-finder?url={url}

Parameters:

Name In Type Required Description
url query string Yes An FQDN, IP, or URL such as https://www.example.com or 203.0.113.42.

Authentication is by API token in the request header. See docs.deepinfo.com for the full request reference.

SAMPLE RESPONSE

See what the API returns.

Real response structure for the Vulnerabilities for a domain, IP, or URL, in one call endpoint. Field coverage may vary based on query parameters and data availability.

JSON RESPONSE
{
  "url": "https://www.example.com",
  "check_date": "2026-05-02T08:30:11Z",
  "connection_status": "ok",
  "redirection_history": [
    {"from": "http://www.example.com", "to": "https://www.example.com", "status": 301}
  ],
  "technologies": [
    {"name": "nginx", "version": "1.18.0", "cves": ["CVE-2021-23017", "CVE-2022-41741"]},
    {"name": "OpenSSH", "version": "8.2p1", "cves": ["CVE-2023-38408"]},
    {"name": "WordPress", "version": "6.1.0", "cves": ["CVE-2022-43500"]}
  ],
  "vulnerability_stats": {
    "total": 4,
    "critical": 1,
    "high": 2,
    "medium": 1,
    "low": 0,
    "kev_listed": 1
  }
}
STRUCTURED VIEW
Fields
Url
https://www.example.com
Check date
2026-05-02T08:30:11Z
Connection status
ok
Redirection history
Count
1
First from
http://www.example.com
First to
https://www.example.com
First status
301
Technologies
Count
3
First name
nginx
First version
1.18.0
First cves
CVE-2021-23017, CVE-2022-41741
Vulnerability stats
Total
4
Critical
1
High
2
Medium
1
Low
0
Kev listed
1

Sample response shown. Real responses depend on query parameters, data availability, and API version. Talk to us for full schema documentation.

USE CASES

Workflows this API plugs into directly.

Vulnerability Management

Run continuous per-asset CVE discovery against your own surface.

Read the use case

Attack Surface Management

Enrich every discovered asset with its vulnerable-technology footprint in one call.

Read the use case

Third-Party Risk Management

Score vendor surfaces by exploited-technology exposure, not just questionnaire claims.

Read the use case

“The full discovery pipeline behind one API call replaced a multi-step orchestration we maintained ourselves. Detected technologies, mapped CVEs, and exploitation-likelihood scoring land in our ASM platform directly.”

— Lead Engineer, Attack Surface Management Vendor
CONTINUE EXPLORING

Other vulnerability APIs.

API

Search the CVE corpus, by any field.

Filter the full CVE corpus by any of 243 indexed fields and 11 query operators.

See API API

Everything Deepinfo knows about one CVE, in one call.

Pass a CVE ID.

See API
GET STARTED

Run a finder against your own asset, or scope it to a vendor.

We'll set up token access and answer schema questions on a call.

Talk to us Browse API docs