{"bulk_dumps":{"available":true,"note":"Optional, instance-specific open-data convenience \u2014 not a sync mechanism. Re-pulling a full export on a schedule is worse for the server than an API client using since= and yields stale data between runs.","url":"https://vulnerability.circl.lu/dumps/"},"contact":{"email":"mailto:info@gcve.eu","url":"https://db.gcve.eu/about"},"documentation":{"access_patterns":"https://www.vulnerability-lookup.org/documentation/access-patterns.html","api":"https://db.gcve.eu/api","general":"https://www.vulnerability-lookup.org/documentation"},"expires":"2027-05-29T18:37:34+00:00","instance":{"base_url":"https://db.gcve.eu","name":"Vulnerability-Lookup (db.gcve.eu)","operator":"Global CVE Allocation System","operator_url":"https://gcve.eu/","uuid":"36161c14-9c7f-4167-bf35-710f406ea15d"},"policy_url":"https://db.gcve.eu/.well-known/api-policy.json","rate_limits":{"enforced":false,"policy":"Enforced limits are advertised in the rate_limits block of this document and via standard X-RateLimit-* response headers.","runtime_headers":"No enforced limits today. Clients should still parse standard rate-limit headers when present, in case the operator enables enforcement."},"sync":{"canonical_path":"api+stream","guidance":"Use the API for synchronisation. The 'since=' parameter on /api/vulnerability/ (and equivalent endpoints) supports incremental pulls. The pub/sub stream provides real-time updates without polling. Do not enumerate the API to mirror the dataset.","incremental_endpoint":"/api/vulnerability/?since=YYYY-MM-DD","stream_auth":"X-API-KEY header (per-user API token)","stream_available":true,"stream_endpoint":"/pubsub/subscribe/{topic}","stream_format":"text/event-stream (Server-Sent Events)","stream_topics":["vulnerability","comment","bundle","sighting"]},"user_agent":{"expectation":"Identify automated clients with a meaningful User-Agent string that includes a contact URL or email."},"version":"1"}