Ptsecurity APIdbugs.ptsecurity.com ↗
Access CVE details, CVSS scores, researcher leaderboards, and trending vulnerability data from Positive Technologies' dbugs database via 5 structured endpoints.
What is the Ptsecurity API?
The dbugs (Positive Technologies) API exposes 5 endpoints covering vulnerability listings, full detail records, trending threats, and security researcher profiles. The list_vulnerabilities endpoint lets you search across the entire PT vulnerability database by keyword, CVE ID, or vulnerability class, returning severity scores, affected vendors and products, and fix and exploit availability for each result.
curl -X POST 'https://api.parse.bot/scraper/d798a609-8999-4eb7-add4-060fbb383313/list_vulnerabilities' \
-H 'X-API-Key: $PARSE_API_KEY' \
-H 'Content-Type: application/json' \
-d '{
"fts": "nginx",
"page": "1",
"limit": "5"
}'Typed, relational, agent-ready
A generated client with real types, enums, and the links between objects — the structure a flat JSON response can't carry. Autocompletes in your editor and reads cleanly to coding agents.
- Fully typed · autocompletes
- Objects link to objects
- Typed errors & pagination
Typed Python client. Set up the SDK in your uv project, then pull this API’s typed client:
uv add parse-sdk uv run parse init uv run parse add --marketplace dbugs-ptsecurity-com-api
uv run parse add --marketplace pulls a pinned snapshot of this canonical API — it won’t change underneath you. To customize it, subscribe and swap to your own copy.
from parse_apis.dbugs_vulnerability_database_api import Dbugs, Severity
dbugs = Dbugs()
# Search for critical nginx vulnerabilities
for vuln in dbugs.vulnerabilities.search(fts="nginx", limit=5):
print(vuln.vulner_id, vuln.cve_id, vuln.max_severity, vuln.has_fix)
# Get full details on a specific vulnerability
detail = dbugs.vulnerabilities.get(vulner_id="PT-2026-40681")
print(detail.vulner_id, detail.cve_id, detail.max_score, detail.impacts)
# Browse trending vulnerabilities
for trend in dbugs.trendingvulnerabilities.list(limit=3):
print(trend.lvl, trend.posts_count, trend.vulnerability.cve_id)
# List top researchers
for researcher in dbugs.researchers.list(limit=5):
print(researcher.place, researcher.name, researcher.vulner_count, researcher.vulner_rating)
# Get a specific researcher's vulnerabilities
r = dbugs.researchers.get(name="Mat Powell")
print(r.name, r.company, r.vulner_average_rating)
for rv in r.vulnerabilities.list(limit=3):
print(rv.vulner_id, rv.cve_id, rv.max_score, rv.impacts)
Full-text search over the vulnerability catalog. Returns paginated summaries with CVE IDs, severity scores, affected vendors/products, and fix/exploit status. Pagination via integer page counter; each page returns up to `limit` items. Without `fts`, returns the most recently added vulnerabilities.
| Param | Type | Description |
|---|---|---|
| fts | string | Full-text search query (e.g., 'chrome', 'CVE-2026-1731', 'privilege escalation') |
| page | integer | Page number for pagination (1-based) |
| limit | integer | Number of results per page (max observed: 100) |
{
"type": "object",
"fields": {
"rows": "array of vulnerability summary objects containing vulner_id, cve_id, max_score, max_severity, vendors, products, has_fix, has_exploits, created, updated",
"count": "integer total number of matching vulnerabilities"
},
"sample": {
"data": {
"rows": [
{
"cve_id": "CVE-2026-53463",
"created": "2026-06-10",
"has_fix": true,
"updated": "2026-06-10",
"vendors": [
"Imagemagick"
],
"products": [
"Imagemagick"
],
"max_score": 4.3,
"metrics_3": [
"AV:N",
"AC:L",
"PR:N",
"UI:R",
"S:U",
"C:N",
"I:N",
"A:L"
],
"vulner_id": "PT-2026-48572",
"related_ids": [
"CVE-2026-53463"
],
"researchers": [],
"has_exploits": false,
"max_severity": "MEDIUM",
"priority_vendor": "Imagemagick",
"priority_product": "Imagemagick"
}
],
"count": 379808
},
"status": "success"
}
}About the Ptsecurity API
Vulnerability Search and Detail
The list_vulnerabilities endpoint accepts a fts parameter for full-text search — valid inputs include product names like chrome, identifiers like CVE-2026-1731, or descriptive terms like privilege escalation. Each result row returns vulner_id, cve_id, max_score, max_severity, vendors, products, has_fix, and has_expl. Pagination is controlled by page and limit. To retrieve the full record for any entry, pass its vulner_id to get_vulnerability_detail, which returns CVSS vectors grouped by source and locale, multi-locale descriptions, external references with ref_url and domain, credited researchers, and the highest max_score.
Trending Vulnerabilities and Social Signals
The get_trends endpoint returns vulnerabilities currently receiving elevated attention, with each row including twitter_timeline, posts_count, and last_tweets alongside the standard vulnerability fields. This makes it straightforward to surface threats generating active security community discussion without manually monitoring social feeds.
Researcher Leaderboards and Profiles
The list_researchers endpoint returns a ranked list of security researchers ordered by vulner_rating. Each row includes place, name, company, vulner_count, and vulner_average_rating. To view an individual researcher's attributed discoveries, pass their name to get_researcher_profile, which returns both the researcher object and a paginated array of their reported vulnerabilities including vulner_id, cve_id, max_score, max_severity, locales, and impacts.
The Ptsecurity API is a managed, monitored endpoint for dbugs.ptsecurity.com — not a raw scraper you maintain. Every endpoint is automatically health-checked on a schedule, and when dbugs.ptsecurity.com changes and a check fails, the API is automatically queued for repair and re-verified. It is built to keep working as the site underneath it changes.
This isn't an official dbugs.ptsecurity.com API — it's an independent, maintained REST wrapper over public data. Where the source has no official API (or only a limited one), Parse gives you a stable contract over a source that never promised one, and keeps it current. Need a new endpoint or field? You can revise it yourself in plain English and the agent rebuilds it against the live site in minutes — contributing the change back to the shared API is free.
Will this API break when the source site changes?+
Is this an official API from the source site?+
Can I fix or extend this API myself if I need a new endpoint or field?+
What happens if I call an endpoint that has an issue?+
- Monitor newly disclosed critical or high-severity vulnerabilities affecting a specific vendor using
list_vulnerabilitieswith anftssearch. - Pull full CVSS vector data and multi-locale descriptions for a known PT or CVE ID to feed into an internal vulnerability management system.
- Track trending threats by social media post volume using
get_trendsto prioritize patching queues. - Build a researcher attribution feed by querying
get_researcher_profilefor credited discoverers of specific vulnerabilities. - Rank external security researchers by
vulner_ratingvialist_researchersfor bug bounty program benchmarking. - Check
has_explandhas_fixflags fromlist_vulnerabilitiesto filter exploitable-but-unpatched issues for immediate triage. - Aggregate
last_tweetsdata from trending vulnerabilities to correlate social discussion spikes with disclosure timelines.
| Tier | Price | Credits/month | Rate limit |
|---|---|---|---|
| Free | $0/mo | 100 | 5 req/min |
| Hobby | $30/mo | 1,000 | 20 req/min |
| Developer | $100/mo | 5,000 | 100 req/min |
One credit = one API call regardless of which marketplace API you call. Exceeding the rate limit returns a 429 response. Authenticate with the X-API-Key header.
Does dbugs.ptsecurity.com have an official public developer API?+
What does `get_vulnerability_detail` return beyond what `list_vulnerabilities` provides?+
list_vulnerabilities returns summary fields: vulner_id, cve_id, max_score, max_severity, vendors, products, has_fix, and has_expl. get_vulnerability_detail adds CVSS vectors grouped by source and locale, full multi-locale locales descriptions, an array of external references with ref_url and domain, and the researchers array crediting the discoverers.Does the API expose vulnerability patch notes, vendor advisories, or changelog history?+
ref_url fields in the references array, but structured patch notes, vendor advisory text, or version-level changelog history are not returned as distinct fields. You can fork the API on Parse and revise it to add an endpoint targeting advisory-specific data.Are there any limitations on what the researcher profile endpoint can return?+
get_researcher_profile endpoint requires the researcher's name exactly as it appears in list_researchers results. The vulnerabilities list within the profile is paginated using page and limit. Researchers not present in the leaderboard — for example, those with no rated discoveries in the PT database — will not have retrievable profiles.Does the API cover NVD or MITRE CVE data separately from PT's own identifiers?+
cve_id fields alongside PT's own vulner_id identifiers, and CVSS data is grouped by source within get_vulnerability_detail. There are no dedicated endpoints for querying NVD or MITRE records directly. You can fork the API on Parse and revise it to add an endpoint that cross-references NVD identifiers.