The playground

Try any of 817 endpoints — live.

Pick an endpoint, load a working example, tweak the params, and send — no signup to try. Results render the way the data deserves; raw JSON, headers & code are one tab away.

Playground demo key · api.reefapi.com

post/vuln-intel/v1/advisory_search1 credit

Search the GitHub Advisory Database (GHSA) by ecosystem, severity, CVE, free text, type. Cursor-paginated (meta.next_cursor).

Working example

Parameters

ecosystemoptional

Filter advisories by GitHub ecosystem token (note GitHub's spelling: 'pip' for Python, 'rust' for crates, 'actions' for GitHub Actions).

severityoptional

Filter advisories by qualitative severity.

cve_idoptional

Return only the advisory(ies) for this exact CVE id.

queryoptional

Free-text search across advisory summary/description.

typeoptional

Advisory review state. 'reviewed' (default) = GitHub-curated; 'malware' = malicious-package advisories.

sortoptional

Sort field for the advisory list.

directionoptional

Sort direction.

per_pageoptional

Results per page (1-100, default 30). Larger values are clamped. (1–100)

cursoroptional

Opaque pagination cursor for the next page of advisories — pass the value from meta.next_cursor. (GHSA paginates by cursor, not page number.)

request preview

curl -X POST https://api.reefapi.com/vuln-intel/v1/advisory_search \
  -H "x-api-key: $REEF_KEY" \
  -H "content-type: application/json" \
  -d '{"ecosystem":"pip","severity":"critical","per_page":"5"}'

Hit Send to run this endpoint live.