#threat-intel

Prioritise CVEs by real-world exploitation risk — not just severity. Combines the FIRST.org EPSS score (the probability, 0 to 1, that a CVE will be exploited in the next 30 days, with its percentile rank) and the CISA KEV catalog (vulnerabilities confirmed to be actively exploited in the wild — with the vendor, product, date added, remediation due date and whether the flaw is used in ransomware campaigns), and derives a single priority level for each CVE. Look up to 25 CVEs in one call, browse the full CISA Known Exploited Vulnerabilities catalog filtered by vendor, product or ransomware use, or list the CVEs with the highest current EPSS scores. Built for vulnerability management, patch prioritisation, risk scoring and security dashboards — answering not "how bad could this be?" but "how likely is it to actually be exploited?". A vulnerability-prioritisation layer — distinct from raw CVE details and CVSS severity (cve), password-breach checks (pwned) and the HTTP security-header grader (secheaders). Data live from FIRST.org and CISA. No upstream key, no cache.

api.oanor.com/vulnintel-api

Internet routing and number-resource intelligence as an API, powered by RIPEstat — the open data service of the RIPE NCC, one of the world's five Regional Internet Registries. Answer the questions network engineers, security teams and researchers ask about the public internet: which Autonomous System and prefix does an IP address belong to; what is an AS (its operator/holder name, whether it is currently announced in BGP, its type and registration block); which IPv4 and IPv6 prefixes does an AS announce; who are an AS's BGP neighbours and peers (and how many); who is the abuse-reporting contact for an IP, prefix or ASN, and which RIR is authoritative; and is a prefix correctly originated according to RPKI route-origin validation (valid, invalid or unknown) with the matching ROAs. The data is real-time, drawn from the RIPE NCC's global network of BGP route collectors and the registries. Inputs accept IPv4 and IPv6 addresses, CIDR prefixes and AS numbers (with or without the AS prefix). Ideal for network operations, threat intelligence and abuse handling, BGP and RPKI monitoring, IP reputation and OSINT tooling, and internet research. Data from the RIPE NCC RIPEstat service.

api.oanor.com/ripestat-api