Vulnerabilities Search API
The OEM Vulnerabilities Search API allows partners to query platform-discovered vulnerabilities for a specific host or domain. Results are sorted by most recently seen first.
Warning: The OEM API requires special partner access. Contact FullHunt sales to enable OEM capabilities on your account.
Search Vulnerabilities
Search for vulnerabilities discovered by the FullHunt platform for a host or domain.
HTTP Request
POST https://fullhunt.io/api/v1/oem/vulnerabilities/search
Request Body Parameters
| Parameter | Required | Type | Description |
|---|---|---|---|
| type | Yes | string | Type of query. Supported values: host, domain |
| query | Yes | string | The host, IP address, or domain to search for |
| query_tags | No | object | Key-value pairs for client-specific tracking |
Example Request — By Domain
curl -X POST "https://fullhunt.io/api/v1/oem/vulnerabilities/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "domain",
    "query": "acme.com",
    "query_tags": {
      "client_name": "ACMECorp",
      "workspace": "production"
    }
  }'
Example Request — By Host
curl -X POST "https://fullhunt.io/api/v1/oem/vulnerabilities/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "host",
    "query": "mail.acme.com"
  }'
Example Response
{
  "query": {
    "type": "domain",
    "value": "acme.com"
  },
  "total_results": 1,
  "results": [
    {
      "host": "mail.acme.com",
      "domain": "acme.com",
      "tld": "com",
      "affected_location": "https://mail.acme.com:443",
      "vulnerability_id": "aws-bucket-takeover",
      "category": "Domain Takeover",
      "cve_id": "",
      "cwe_id": "CWE-200",
      "cvss_score": 8.5,
      "epss_score": 0.0,
      "is_cve": false,
      "is_kev": false,
      "is_public_exploit": false,
      "name": "AWS Bucket Takeover Detection",
      "description": "AWS Bucket takeover was detected.",
      "impact": "The impact of this vulnerability can be severe, as it can result in unauthorized access to resources and potential data exposure.",
      "remedy": "Ensure that cloud buckets are properly configured with appropriate access controls. Verify that all referenced buckets exist and are not publicly accessible.",
      "severity": "high",
      "tags": ["takeover", "aws", "bucket"],
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2024-3094"
      ],
      "date_added": "2026-04-28 22:26:08",
      "last_seen": "2026-05-14 13:57:27"
    }
  ]
}
Response Fields
| Field | Type | Description |
|---|---|---|
| query | object | The query parameters used |
| query.type | string | Query type (host or domain) |
| query.value | string | The queried value |
| total_results | integer | Number of vulnerabilities returned |
| results | array | Array of vulnerability objects |
| results[].host | string | Affected host |
| results[].domain | string | Parent domain of the affected host |
| results[].cve_id | string | CVE identifier |
| results[].severity | string | Severity level (critical, high, medium, low, info) |
| results[].cvss_score | number | CVSS score (0.0–10.0) |
| results[].title | string | Vulnerability title |
| results[].description | string | Vulnerability description |
| results[].product | string | Affected product |
| results[].version | string | Affected version |
| results[].first_seen | string | First detection date (ISO 8601) |
| results[].last_seen | string | Most recent detection date (ISO 8601) |
| results[].is_exploited | boolean | Whether this vulnerability has known exploits |
Use Cases
- Client Risk Reporting: Generate vulnerability reports for managed clients
- Attack Surface Monitoring: Track newly discovered vulnerabilities per domain
- Prioritization: Sort by severity or CVSS score to drive remediation
- Compliance: Document exposure for audit and compliance purposes
Query Tags for Tracking
Use query_tags to track per-client usage in audit logs:
{
  "query_tags": {
    "client_id": "client_123",
    "client_name": "ACME Corporation",
    "workspace": "production"
  }
}
Error Handling
| Status Code | Description |
|---|---|
| 200 | Success |
| 400 | Bad Request — missing or invalid parameters |
| 401 | Unauthorized — invalid API key |
| 403 | Forbidden — OEM access not enabled or credits exhausted |
| 429 | Rate limit exceeded (60 requests/minute) |
| 500 | Internal server error |
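A client-side sketch of the request, the status codes in the table above and the Prioritization use case, added here as an example and not taken from FullHunt's own code. The function names (`build_request`, `search`, `prioritize`), the retry policy (exponential backoff on 429 and 500 only) and the sample data are assumptions of this example.

```python
import json
import time
import urllib.error
import urllib.request

API_URL = "https://fullhunt.io/api/v1/oem/vulnerabilities/search"
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3, "info": 4}
RETRYABLE = {429, 500}  # assumed policy: 400/401/403 need a fix, not a retry


def build_request(api_key, qtype, query, query_tags=None):
    """Build the POST request, rejecting input the API would answer with 400."""
    if qtype not in ("host", "domain"):
        raise ValueError("type must be 'host' or 'domain'")
    if not isinstance(query, str) or not query.strip():
        raise ValueError("query must be a non-empty string")
    body = {"type": qtype, "query": query.strip()}
    if query_tags:
        body["query_tags"] = dict(query_tags)
    return urllib.request.Request(
        API_URL, data=json.dumps(body).encode(), method="POST",
        headers={"X-API-KEY": api_key, "Content-Type": "application/json"})


def search(req, opener=urllib.request.urlopen, retries=3, sleep=time.sleep):
    """Send the request; back off on 429/500, raise immediately on other errors."""
    for attempt in range(retries + 1):
        try:
            with opener(req, timeout=30) as resp:
                return json.load(resp)
        except urllib.error.HTTPError as err:
            if err.code not in RETRYABLE or attempt == retries:
                raise
            sleep(2 ** attempt)  # exponential backoff: 1s, 2s, 4s


def prioritize(response):
    """Order findings for remediation: severity first, then CVSS descending."""
    def key(v):
        rank = SEVERITY_RANK.get(str(v.get("severity", "")).lower(), len(SEVERITY_RANK))
        return (rank, -float(v.get("cvss_score") or 0.0))
    return sorted(response.get("results", []), key=key)


# Constructed sample, shaped like the Example Response above (not real findings).
SAMPLE = {"total_results": 3, "results": [
    {"host": "a.example.com", "severity": "medium", "cvss_score": 6.1},
    {"host": "b.example.com", "severity": "high", "cvss_score": 7.2},
    {"host": "c.example.com", "severity": "high", "cvss_score": 8.5}]}
```

Load the API key from an environment variable or secret store rather than source code, since it is sent on every request in the `X-API-KEY` header.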