Published 27 May 2025 12:00 AM
4 min. read

New and Improved Archive API: Faster, Cleaner, and More Efficient Data Retrieval

This post thumbnail

At Vulners, we're constantly looking for ways to make accessing and managing vulnerability data simpler, faster, and more efficient. That's why we're excited to announce a significant update to our API, designed to improve your workflow with our reworked data collections archives.

A Brief Look at How Collections Worked Before

Historically, Vulners data collections archives — representing individual data sources — were updated whenever records appeared or existing records changed at the source. While functional, this approach had limitations, especially since Vulners continuously cross-links and enriches records, making it challenging for users to pinpoint recently enriched or interlinked updates.

Timestamps Bring Clarity

Earlier this year, we introduced clear and precise timestamp structures across all our records. Each record now clearly indicates:

  • When it was initially added to the Vulners database.
  • The last time it was updated or enriched.
  • The last interaction timestamp with its original source.

Vulners timestamp structure

This enhancement was the first step in improving visibility into data freshness and update history.

Meet the New Collection Archive API

We're now launching an entirely new API for working with Vulners' collection archives. This API includes two intuitive endpoints:

  • v4/archive/collection
    • Fetches a precompiled collection archive directly from our CDN.
    • Requires only one parameter: type (specifying the desired collection).
    • Archives are updated every 4 hours, ensuring timely yet stable access.
    • In the Vulners Python SDK, a corresponding function for this endpoint is fetch_collection().
  • v4/archive/collection-update
    • Directly accesses our database to retrieve records updated since a specific timestamp.
    • Parameters: type (collection type) and after (timestamp).
    • Limited to retrieving updates within the last 25 hours for optimal performance.
    • Handles busy collections effortlessly (e.g., up to 50,000 updated CVE records per query) if you call this endpoint right after the EPSS scores were updated.
    • In the Vulners Python SDK, a corresponding function for this endpoint is fetch_collection_update().

Simplified, Streamlined, and Fast

We've greatly simplified the response structure, eliminating redundant indices and unnecessary data nesting. This cleaner format significantly reduces complexity and enhances readability, making your parsing and analysis faster and more efficient.

[
    `{'id': 'EDB-ID:20048', ... 'timestamps.updated': '2025-05-21T13:14:26.791000+00:00', ...},`
    `{'id': 'EDB-ID:18781', ... 'timestamps.updated': '2025-05-21T13:14:26.648000+00:00', ...},`
    `{'id': 'EDB-ID:30807', ... 'timestamps.updated': '2025-05-21T11:54:55.905000+00:00', ...},`
    `{'id': 'EDB-ID:31180', ... 'timestamps.updated': '2025-05-21T11:54:55.150000+00:00', ...},`

    `...,`

    `{'id': 'EDB-ID:46363', ... 'timestamps.updated': '2025-04-02T20:47:28+00:00', ...}`
]

In fact, our testing shows retrieval speeds are twice as fast compared to our previous API version, even for the largest archives.

Additionally, please note that both endpoints return collection records sorted by timestamps.updated in descending order (newest to oldest).

Cost Optimization to Empower Frequent Updates

We've also optimized our pricing model for these API endpoints:

  • v4/archive/collection remains at 100 API credits per call, the same as the previous version.
  • The new v4/archive/collection-update endpoint is priced at just 20 API credits per call.

You can now economically perform more frequent data refreshes using the new endpoint, helping you maintain a cutting-edge vulnerability management practice.

Optimal Workflow Recommendations

To get the best of both worlds — stable archives and recent updates — we recommend the following:

  1. First, retrieve the precompiled archive with v4/archive/collection.
  2. Immediately afterward, use v4/archive/collection-update, setting the after parameter to the latest timestamps.updated value (from the first record) of the fetched archive. If the latest timestamp is more than 25 hours old, use 5 hours ago as a default fallback.

Vulners recommended workflow diagram

If your use case allows for daily data updates, after initial source synchronization, you can set a cron job to call v4/archive/collection-update every 24 hours. Set the after parameter with a slight overlap of this time interval (remember, no more than 25 hours). This will ensure—provided your automation runs reliably—that you get all new and updated records within the 24-hour timeframe.

If you need more frequent updates, use v4/archive/collection-update at the appropriate intervals. Using timestamps.updated from the first record in the previous call is a good strategy for setting the after parameter in this case.

For less frequent updates, use the combination of v4/archive/collection and v4/archive/collection-update calls as described earlier.

Using v4/archive/collection periodically to refresh all data can also be a good strategy.

Further Information

Important Notice: API Deprecation

Please be aware that the previous v3/archive/collection API calls will be deprecated by the end of 2025. We strongly encourage all users to transition to the new API endpoints detailed above to ensure uninterrupted service.

For detailed guidance, endpoint examples, and additional information, please refer to our API Documentation.

We hope these updates significantly enhance your Vulners experience. Stay secure, stay updated!