EPSS histories no longer showing via API

Vulmatch
,
1

I used to get histories using the following request…

curl -X 'GET' \
  'https://api.vulmatch.com/v1/epss/objects/' \
  -H 'accept: application/json' \
  -H 'API-KEY: XXX'

But now the response only contain one date (the latest)

{
  "page_size": 500,
  "page_number": 1,
  "page_results_count": 500,
  "total_results_count": 304270,
  "objects": [
    {
      "created": "2025-04-29T20:15:25.563Z",
      "created_by_ref": "identity--9779a2db-f98c-5f4b-8d08-8ee04e02dbb5",
      "extensions": {
        "extension-definition--efd26d23-d37d-5cf2-ac95-a101e46ce11d": {
          "extension_type": "toplevel-property-extension"
        }
      },
      "external_references": [
        {
          "source_name": "cve",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4080",
          "external_id": "CVE-2025-4080"
        },
        {
          "source_name": "arango_cve_processor",
          "external_id": "cve-epss"
        }
      ],
      "id": "report--000fee06-0525-5ad0-b8a6-1b7a93286146",
      "labels": [
        "epss"
      ],
      "modified": "2025-12-16T00:00:00.000Z",
      "name": "EPSS Scores: CVE-2025-4080",
      "object_marking_refs": [
        "marking-definition--94868c89-83c2-464b-929b-a1a8aa3c8487",
        "marking-definition--152ecfe1-5015-522b-97e4-86b60c57036d"
      ],
      "object_refs": [
        "vulnerability--cbef9662-1d76-5f2e-b0bd-38587ff4095f"
      ],
      "published": "2025-04-29T20:15:25.563Z",
      "spec_version": "2.1",
      "type": "report",
      "x_epss": [
        {
          "epss": 0.0004,
          "percentile": 0.12074,
          "date": "2025-12-16"
        }
      ]
    },

I know it exists because I can see it in the app

image
image1920×2226 153 KB

So my question is; How can I get the historic EPSS data?

2

Sorry about this. We actually changed the response of this endpoint due to size.

The more EPSS records in the object, the larger the object size (duh!). However, they were starting to get to a size where printing 50 in a response became quite large… and would only become larger.

To avoid crashing downstream tools (and our servers) we now only show the latest score in the epss search.

However, if you request EPSS for a CVE you’ll see the history

https://api.vulmatch.com/v1/epss/objects/CVE-2025-4080/

{
  "page_size": 500,
  "page_number": 1,
  "page_results_count": 1,
  "total_results_count": 1,
  "objects": [
    {
      "created": "2025-04-29T20:15:25.563Z",
      "created_by_ref": "identity--9779a2db-f98c-5f4b-8d08-8ee04e02dbb5",
      "extensions": {
        "extension-definition--efd26d23-d37d-5cf2-ac95-a101e46ce11d": {
          "extension_type": "toplevel-property-extension"
        }
      },
      "external_references": [
        {
          "source_name": "cve",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4080",
          "external_id": "CVE-2025-4080"
        },
        {
          "source_name": "arango_cve_processor",
          "external_id": "cve-epss"
        }
      ],
      "id": "report--000fee06-0525-5ad0-b8a6-1b7a93286146",
      "labels": [
        "epss"
      ],
      "modified": "2025-12-16T00:00:00.000Z",
      "name": "EPSS Scores: CVE-2025-4080",
      "object_marking_refs": [
        "marking-definition--94868c89-83c2-464b-929b-a1a8aa3c8487",
        "marking-definition--152ecfe1-5015-522b-97e4-86b60c57036d"
      ],
      "object_refs": [
        "vulnerability--cbef9662-1d76-5f2e-b0bd-38587ff4095f"
      ],
      "published": "2025-04-29T20:15:25.563Z",
      "spec_version": "2.1",
      "type": "report",
      "x_epss": [
        {
          "epss": 0.0004,
          "percentile": 0.12074,
          "date": "2025-12-16"
        },
        {
          "epss": 0.0004,
          "percentile": 0.12088,
          "date": "2025-12-15"
        },
        {
          "epss": 0.0004,
          "percentile": 0.12137,
          "date": "2025-12-14"
        },
        {
          "epss": 0.0003,
          "percentile": 0.07946,
          "date": "2025-12-13"
        },
        {
          "epss": 0.0003,
          "percentile": 0.07979,
          "date": "2025-12-12"
        },
        {
          "epss": 0.0003,
          "percentile": 0.07966,
          "date": "2025-12-11"
        },
        {
          "epss": 0.0003,
          "percentile": 0.07913,
          "date": "2025-12-10"
        },
        {
          "epss": 0.0003,
          "percentile": 0.07844,
          "date": "2025-12-09"
        },
CUT FOR BREVITY

On the CVE bundle endpoint (https://api.vulmatch.com/v1/cve/objects/CVE-2025-4080/bundle/) you will also get the full EPSS history in the EPSS report object.