Skip to content
Patchstack Docs

Threat Intelligence API

The Threat Intelligence API has custom pricing and is activated on requestcontact us.

Interactive reference: Every endpoint, parameter, request body and response shape is documented in the Threat Intelligence API reference.

Tooling (Postman, SDK, LLM): spec URLs and import instructions live on Overview → Using the API with your tools.

This page covers the concepts you need to use the API effectively — authentication, rate limiting, errors, and code samples. Use it alongside the interactive reference.

Endpoints at a glance

Section titled “Endpoints at a glance”
EndpointPurpose
GET /product/{type}/{name}/{version}Advisory list for a single product + version.
GET /product/{type}/{name}/{version}/existsBoolean-only exists check (faster).
GET /latestThe 20 most recent vulnerabilities.
POST /batchBulk lookup — up to 50 products per request.
GET /vulnerability/{id}Advisory detail (CVSS vector, OWASP, references, credit).

Each per-item payload includes description, vuln_type, cvss_score, cve, is_exploited, patch_priority, affected_in, and patched_in_ranges. See API properties for full field definitions.

Base URL

Section titled “Base URL”
https://patchstack.com/database/api/v2/

Authentication

Section titled “Authentication”

Every request must include your API key in the PSKey HTTP request header. Access is activated on request — contact us to request a key.

PSKey: <your-api-key>

Response format

Section titled “Response format”

All responses are JSON. Responses are cached until the Patchstack database updates, at which point the cache is cleared. GET /vulnerability/{id} returns a richer, differently-shaped payload documented in the reference.

Batch lookups

Section titled “Batch lookups”

POST /batch accepts an array of up to 50 {name, version, type, exists?} items. The response is keyed by product_slug, not by array index — duplicate slugs in the request collapse. Per-item exists: true returns a boolean for that slug; exists: false (or omitted) returns the full advisory list.

Rate limiting

Section titled “Rate limiting”

Custom, set per contract. Contact https://patchstack.com/for-hosts/ if you need a quota change.

Errors

Section titled “Errors”
StatusMeaning
401 UnauthorizedMissing or invalid PSKey header.
403 ForbiddenAPI key not authorised for the requested endpoint.
404 Not FoundUnknown product/version or vulnerability id.
422 Unprocessable EntityInvalid request payload (e.g. batch with more than 50 items).
429 Too Many RequestsRate limit exceeded.
500Server error — please include the request id in any bug report.

Testing — curl one-liners

Section titled “Testing — curl one-liners”
Terminal window
# Latest 20 vulnerabilities
curl 'https://patchstack.com/database/api/v2/latest' \
  -H 'PSKey: <your-api-key>'


# Full advisory list for a plugin version
curl 'https://patchstack.com/database/api/v2/product/plugin/tutor/1.5.2' \
  -H 'PSKey: <your-api-key>'


# Boolean-only exists check
curl 'https://patchstack.com/database/api/v2/product/plugin/tutor/1.5.2/exists' \
  -H 'PSKey: <your-api-key>'


# Batch — boolean-only across two products
curl -X POST 'https://patchstack.com/database/api/v2/batch' \
  -H 'PSKey: <your-api-key>' \
  -H 'Content-Type: application/json' \
  -d '[
    {"name":"easy-digital-downloads1","version":"1.0.0","type":"plugin","exists":true},
    {"name":"wordpress","version":"3.0.0","type":"wordpress","exists":true}
  ]'


# Advisory detail by id
curl 'https://patchstack.com/database/api/v2/vulnerability/4760' \
  -H 'PSKey: <your-api-key>'

Batch walk (PHP)

Section titled “Batch walk (PHP)”
<?php


$apiKey = getenv('PATCHSTACK_KEY');
$components = [
    ['name' => 'easy-digital-downloads1', 'version' => '1.0.0', 'type' => 'plugin',    'exists' => false],
    ['name' => 'wordpress',               'version' => '3.0.0', 'type' => 'wordpress', 'exists' => true],
];


$ch = curl_init('https://patchstack.com/database/api/v2/batch');
curl_setopt_array($ch, [
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_POST           => true,
    CURLOPT_HTTPHEADER     => ['PSKey: '.$apiKey, 'Content-Type: application/json'],
    CURLOPT_POSTFIELDS     => json_encode($components),
]);
$response = json_decode(curl_exec($ch), true);
curl_close($ch);


foreach ($response['vulnerabilities'] as $slug => $result) {
    if (is_bool($result)) {
        echo "{$slug}: ".($result ? 'vulnerable' : 'clear').PHP_EOL;
    } else {
        echo "{$slug}: ".count($result)." advisor".(count($result) === 1 ? 'y' : 'ies').PHP_EOL;
    }
}

More information

Section titled “More information”

You can find more information about the Patchstack Threat Intelligence API on https://patchstack.com/for-hosts/. If you have integration questions, email dave.jong@patchstack.com.