Access AI Sec Watch data programmatically. All endpoints return JSON with CORS enabled, so you can call them from any domain.
import pandas as pd
# Load full dataset (CSV)
df = pd.read_csv("https://aisecwatch.com/api/issues/export")
# Or use the JSON API with filtering
import requests
resp = requests.get("https://aisecwatch.com/api/v1/issues", params={
"severity": "critical",
"limit": 100,
})
data = resp.json()["data"]No API key required. 60 requests/minute. All data CC-BY-4.0.
/api/v1/issuesList relevant, processed security issues with optional filtering and pagination.
searchstringSearch issues by title, summary, and CVE IDlabelstringFilter by label (e.g. "security", "privacy", "research", "safety")severitystringFilter by severity (e.g. "critical", "high", "medium", "low")issueTypestringFilter by issue type: "vulnerability", "incident", "news", "regulatory", "research"vendorstringFilter by affected vendor (e.g. "OpenAI", "Anthropic", "Google", "LangChain")sinceISO 8601 dateOnly return issues published after this datelimitnumberResults per page (default 20, max 100)offsetnumberNumber of results to skip (default 0)confidenceMinnumberMinimum classifier confidence 0-1 (e.g. 0.8 for >80%){
"data": [
{
"id": "a1b2c3d4-...",
"title": "Critical prompt injection in LangChain",
"summary": "A critical vulnerability was found...",
"sourceUrl": "https://...",
"publishedAt": "2026-02-10T12:00:00.000Z",
"severity": "critical",
"cvssSeverity": "CRITICAL",
"cvssScore": "9.8",
"labels": ["security"],
"issueType": "vulnerability",
"cveId": "CVE-2026-1234",
"cweIds": ["CWE-77"],
"affectedPackages": ["langchain"],
"affectedVendors": ["LangChain"],
"affectedVendorsRaw": ["LangChain", "OpenAI"],
"classifierModel": "claude-haiku-4-5-20251001",
"classifierPromptVersion": "v3",
"solution": "Upgrade to v0.1.1 or later",
"attackType": ["prompt_injection"],
"cvssVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "network",
"attackComplexity": "low",
"privilegesRequired": "none",
"userInteraction": "none",
"exploitMaturity": "active",
"epssScore": 0.87,
"patchAvailable": true,
"disclosureDate": "2026-02-08T00:00:00.000Z",
"capecIds": ["CAPEC-242"],
"crossRefCount": 3,
"attackSophistication": "moderate",
"impactType": ["confidentiality", "integrity"],
"aiComponentTargeted": "framework",
"llmSpecific": true,
"classifierConfidence": 0.92
}
],
"meta": {
"total": 142,
"limit": 20,
"offset": 0
}
}/api/v1/issues/:idGet a single issue by its UUID. Returns 404 if not found or not relevant.
{
"data": {
"id": "a1b2c3d4-...",
"title": "Critical prompt injection in LangChain",
"summary": "A critical vulnerability was found...",
"sourceUrl": "https://...",
"publishedAt": "2026-02-10T12:00:00.000Z",
"severity": "critical",
"cvssSeverity": "CRITICAL",
"cvssScore": "9.8",
"labels": ["security"],
"issueType": "vulnerability",
"cveId": "CVE-2026-1234",
"cweIds": ["CWE-77"],
"affectedPackages": ["langchain"],
"solution": "Upgrade to v0.1.1 or later",
"attackType": ["prompt-injection"]
}
}/api/v1/digest/latestGet the latest daily TLDR digest. Falls back to the most recent non-empty digest.
{
"data": {
"date": "2026-02-12",
"content": "## AI Security TLDR — Feb 12, 2026\n\n...",
"issueCount": 8,
"generatedAt": "2026-02-12T06:00:00.000Z"
}
}/api/v1/issues/stixExport issues as a STIX 2.1 bundle. Compatible with MISP, OpenCTI, ThreatConnect, and other threat intelligence platforms.
severitystringFilter by severity (e.g. "critical", "high")issueTypestringFilter by issue type (e.g. "vulnerability")sinceISO 8601 dateOnly return issues published after this datelimitnumberMax issues to include (default 50, max 100){
"type": "bundle",
"id": "bundle--a1b2c3d4-...",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--d3c1e7a0-...",
"name": "AI Sec Watch",
"identity_class": "system"
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--a1b2c3d4-...",
"name": "CVE-2026-1234",
"description": "Critical prompt injection...",
"external_references": [
{ "source_name": "cve", "external_id": "CVE-2026-1234" }
]
},
{
"type": "attack-pattern",
"spec_version": "2.1",
"id": "attack-pattern--e5f6a7b8-...",
"name": "Prompt Injection"
}
]
}/api/v1/statsGet aggregate platform statistics.
{
"data": {
"totalIssues": 1420,
"totalDigests": 85,
"last24h": 12,
"last7d": 67
}
}/api/v1/webhooksCreate a webhook to receive real-time notifications when new issues match your filters. Requires WEBHOOK_API_KEY bearer auth. Payloads are signed with HMAC-SHA256.
urlstring (body)The HTTPS URL to receive webhook POSTsfiltersobject (body)Optional filters: { severity, issueType, vendor, llmSpecific }// Request
POST /api/v1/webhooks
Authorization: Bearer YOUR_WEBHOOK_API_KEY
{
"url": "https://your-server.com/webhook",
"filters": { "severity": "critical", "llmSpecific": true }
}
// Response (201)
{
"data": {
"id": "a1b2c3d4-...",
"url": "https://your-server.com/webhook",
"secret": "hmac_secret_hex_string",
"active": true
}
}
// Webhook payload (POST to your URL)
{
"event": "new_issues",
"issues": [ ... ],
"deliveredAt": "2026-03-12T12:00:00.000Z"
}
// Header: X-Webhook-Signature: sha256=...All errors follow a consistent format:
{
"error": {
"message": "Rate limit exceeded. Max 60 requests per minute.",
"status": 429
}
}400 — Bad request (invalid parameters)
404 — Resource not found
429 — Rate limit exceeded
500 — Internal server error
If you use this dataset in academic research, industry analysis, or threat intelligence work, please cite it. You can copy the citation text or download it as a file for import into your reference manager (Zotero, Mendeley, EndNote, etc.).
@misc{luu2026aisecwatch,
author = {Luu, T.J.},
title = {{AI Sec Watch Dataset}: Structured {AI} Security Threat Intelligence},
year = {2026},
howpublished = {\url{https://aisecwatch.com/api-docs}},
note = {Accessed: March 17, 2026}
}