HEXL
Catalog/security-cve-stats

Security

CVE historical analytics API

Aggregate a vendor's (and optional product's) CVEs into count-by-year, CVSS severity distribution, average score, and a recent-vs-prior trend — historical analytics over the NVD keyword search (keyless). Distinct from listing CVEs or trending CVEs: this is the computed metric. Answers 'how many CVEs does this vendor have', 'CVE trend for a product', 'severity breakdown of CVEs for X', 'is this vendor getting more vulnerable over time'.

Price$0.01per request
MethodPOST
Route/v1/security/cve-stats
StatusLive
MIME typeapplication/json
Rate limit60/minute
Cache3600s public
securitycvenvdvulnerabilityanalyticstrendcvssstatistics
API URLhttps://x402.hexl.dev/v1/security/cve-stats
Integration docs
Example request
{
  "vendor": "openssl"
}
Example response
{
  "vendor": "openssl",
  "product": null,
  "totalMatched": 240,
  "analyzedSample": 240,
  "countByYear": {
    "2022": 18,
    "2023": 21,
    "2024": 25,
    "2025": 12
  },
  "firstYear": 1999,
  "lastYear": 2025,
  "severityDistribution": {
    "CRITICAL": 22,
    "HIGH": 90,
    "MEDIUM": 100,
    "LOW": 20,
    "NONE": 0,
    "UNKNOWN": 8
  },
  "averageCvss": 6.71,
  "recentTwoYears": 37,
  "priorTwoYears": 39,
  "trend": "stable"
}
Input schema
{
  "type": "object",
  "required": [
    "vendor"
  ],
  "properties": {
    "vendor": {
      "type": "string",
      "minLength": 1,
      "examples": [
        "openssl"
      ]
    },
    "product": {
      "type": "string",
      "examples": [
        "openssl"
      ]
    }
  }
}
Output schema
{
  "type": "object",
  "additionalProperties": true
}