# Vulnerability-Lookup (Computer Incident Response Center Luxembourg (CIRCL))

> Platform for correlating vulnerabilities from multiple sources, managing
> Coordinated Vulnerability Disclosure, and providing a collaborative space
> for security advisories. Automated consumers should sync via the API
> (plus the pub/sub stream) — do **not** enumerate the API to mirror the dataset.

## Canonical access path

- [Incremental sync](https://vulnerability.circl.lu/api/vulnerability/?since=YYYY-MM-DD): use `since=` for catch-up pulls
- [Real-time stream](https://vulnerability.circl.lu/pubsub/subscribe/comment): SSE pub/sub feed (X-API-KEY required; topics: `comment`, `bundle`, `sighting`, `vulnerability`)
- [Targeted lookup](https://vulnerability.circl.lu/api/vulnerability/<id>): for interactive use cases

## Policy and discovery

- [Machine-readable policy](https://vulnerability.circl.lu/.well-known/api-policy.json): contact, sync paths, rate-limit posture, expiry
- [Security contact](https://vulnerability.circl.lu/.well-known/security.txt): RFC 9116 security.txt
- [Crawler policy](https://vulnerability.circl.lu/robots.txt): disallowed agents

## Documentation

- [Project documentation](https://www.vulnerability-lookup.org/documentation): overview, configuration, usage
- [Access patterns for automated consumers](https://www.vulnerability-lookup.org/documentation/access-patterns.html): authoritative guidance
- [API documentation](https://vulnerability.circl.lu/api): endpoint reference

## Optional

- [Bulk dumps](https://vulnerability.circl.lu/dumps/): NDJSON exports - operator-published, an optional open-data convenience. Not a sync mechanism.


## Etiquette

- Identify your client with a User-Agent that includes a contact URL or email.
- Honour `since=` and the stream rather than enumerating.
- Contact: info@circl.lu