Vulnerabilities affecting the installed base can be retrieved via the REST API using the vulnerabilities resource.
Retrieving the full vulnerabilities list
retrieves all vulnerabilities that affect the installed base, as listed in WORKFLOWS/CVE/List.
Retrieving data for a particular vulnerability
retrieves data for a particular vulnerability is identified as a sub-resource, using its Common Vulnerability Enumerator (CVE).