Feed API
Signals via API
Feed API access for integrations is available under Business plans. Public endpoints show a limited or redacted payload; Pro is for individual app access.
Public sample from today's flagship detail endpoint. Public payloads can be limited or redacted. The backend exposes read endpoints for signals, storylines, and briefings.
Public flagship sample
GET /v1/narratives/4a35c94d-748f-4bf3-a145-c4eee72e39d8?tenant=cybersecurity&run_id=ae19d7af-2dea-4272-95b2-a2de32ac99c5
{
"id": "4a35c94d-748f-4bf3-a145-c4eee72e39d8",
"title": "Linux Kernel: CVSS (Max): 7.8",
"summary": "=========================================================================== AUSCERT Security Bulletin ASB-2026.0100 CVE-2026-31431: Copy Fail - Trivial local privilege escalation 30 April 2026 =========================================================================== AUSCERT Security Bulletin Summary --------------------------------- Product: Linux Kernel Operating System: Linux Resolution: Patch",
"first_seen_at": "2026-03-30T00:22:09Z",
"last_seen_at": "2026-04-30T15:18:39.025354Z",
"created_at": "2026-03-30T05:07:03.102026Z",
"updated_at": "2026-05-01T05:11:15.028183Z",
"timeframe": "24h",
"run_id": "ae19d7af-2dea-4272-95b2-a2de32ac99c5",
"metrics": {
"divergence": 0.5455,
"post_count": 9,
"momentum_1h": 0,
"momentum_7d": 9,
"score_total": 1.973255,
"shill_score": 16.67,
"momentum_24h": 9,
"market_movers": [],
"evidence_score": 1,
"unique_authors": 5,
"coherence_score": 0.7484,
"diversity_bonus": 0.25,
"duplicate_ratio": 0,
"platforms_count": 1,
"social_momentum": 9,
"divergence_label": "chatter_without_pricing",
"market_conviction": 0,
"origin_share_top1": 0.111111,
"unique_publishers": 9,
"origin_layer_posts": 1,
"source_types_count": 1,
"unique_authors_24h": 5,
"unique_origin_urls": 9,
"amplifier_share_top1": 0.111111,
"author_concentration": 0.5556,
"publisher_share_top1": 0.111111,
"amplifier_layer_posts": 8,
"concentration_penalty": 0,
"unique_origin_domains": 9,
"source_diversity_bonus": 0,
"unique_publisher_types": 2,
"unique_origin_publishers": 9
},
"platforms": [
"rss"
],
"top_tickers": [],
"why_now": [],
"display_title": "Linux 'Copy Fail' vulnerability enables local attackers to gain root access on major distributions",
"display_summary": "A critical local privilege escalation flaw, CVE-2026-31431, nicknamed 'Copy Fail,' has been disclosed affecting Linux kernels since 2017.",
"narrative_frame_display": null,
"entities": null,
"recurring_claims": [
{
"claim": "CVE-2026-31431 'Copy Fail' is a local privilege escalation vulnerability in the Linux kernel allowing root access.",
"evidence_urls": [
"https://bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros",
"https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html",
"https://helpnetsecurity.com/2026/04/30/copyfail-linux-lpe-vulnerability-cve-2026-31431"
]
},
{
"claim": "The vulnerability affects Linux kernels released since 2017 and impacts all major distributions.",
"evidence_urls": [
"https://cert.europa.eu/publications/security-advisories/2026-005",
"https://securityweek.com/copy-fail-logic-flaw-in-linux-kernel-enables-system-takeover",
"https://portal.auscert.org.au/bulletins/ASB-2026.0100"
]
},
{
"claim": "A public proof-of-concept exploit is available, and patches have started rolling out but many distributions remain unpatched.",
"evidence_urls": [
"https://go.theregister.com/feed/www.theregister.com/2026/04/30/linux_cryptographic_code_flaw",
"https://cert.europa.eu/publications/security-advisories/2026-005",
"https://bankinfosecurity.com/linux-copy-fail-flaw-delivers-root-level-access-to-distros-a-31558"
]
}
],
"stance_map": [
{
"stance": "neutral",
"who": "CERT-EU",
"evidence_urls": [
"https://cert.europa.eu/publications/security-advisories/2026-005"
]
}
],
"quality_flags": {
"mixed_topic_risk": "low",
"promo_risk": "low",
"source_quality": "high"
},
"editor_note": null,
"display_tags": [
"cve",
"linux",
"local_privilege_escalation",
"vulnerability",
"patching",
"incident_response"
],
"tags": [
"cve",
"linux",
"local_privilege_escalation",
"vulnerability",
"patching",
"incident_response"
],
"cscope_tags": [
"cve",
"linux",
"local_privilege_escalation",
"vulnerability",
"patching",
"incident_response"
],
"why_now_display": [
"The vulnerability affects Linux kernels since 2017, impacting a broad range of systems worldwide.",
"A public proof-of-concept exploit has been released, enabling attackers to weaponize the flaw easily.",
"While a fix exists, many vendors have yet to distribute patches, leaving systems vulnerable."
],
"why_it_matters_display": [
"The flaw allows local attackers to gain root access, threatening system integrity across major Linux distributions.",
"Many critical systems like Kubernetes nodes and CI/CD runners are at risk if unpatched, increasing exposure to attacks.",
"Public exploit availability and delayed patching heighten the urgency for immediate mitigation and updates."
],
"show_why": true,
"sources_display": [
{
"label": "cert.europa.eu: CERT-EU Security Advisories"
},
{
"label": "BankInfoSecurity: Linux 'Copy Fail' Flaw Delivers Root-Level Access to Distros"
},
{
"label": "bleepingcomputer_all: New Linux ‘Copy Fail’ flaw gives hackers root on major distros"
},
{
"label": "Help Net Security: Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)"
},
{
"label": "SecurityWeek: ‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover"
}
],
"trend_status": "flat",
"trend_sparkline": "▁█",
"trend_points_n": 0,
"trend_window": {
"lookback_days": 14,
"max_points": 36,
"value_key": null
},
"llm_status": "accepted",
"llm_meta": {
"model": "gpt-4.1-mini-2025-04-14",
"prompt_version": "enrich_v3",
"input_hash": "44db2d58a708352459bc97b9d811a8ab616c162fc12c61c1d3b6677f8fd6936e",
"updated_at": "2026-04-30T17:15:22.597491+00:00",
"llm_metadata": {
"env": "prod",
"host": "9a92914029e2",
"stage": "signals.enrich",
"run_id": "ae19d7af-2dea-4272-95b2-a2de32ac99c5",
"tenant": "cybersecurity",
"service": "api",
"pipeline": "pipeline_run",
"correlation_id": "4a35c94d-748f-4bf3-a145-c4eee72e39d8"
}
},
"story_id": "74378214-478e-4b1d-a66c-654ae9b18490",
"public_surface": {
"eligible_for_flagship_sample": true,
"eligible_for_top_public_brief": true,
"eligible_for_public_index": false,
"eligible_only_for_lower_or_internal_surfaces": false,
"public_rank_score": 12,
"structural_priority": true,
"mostly_social": false,
"community_chatter": false,
"reader_label": null,
"excluded_reasons": [],
"source_signals": {
"post_count": 9,
"unique_origins": 9,
"source_types_count": 1,
"independent_non_social_count": 9,
"social_source_count": 0,
"non_social_source_count": 0,
"why_now_count": 3,
"why_it_matters_count": 3
}
},
"current_cycle_open": false
}Capabilities
- Signals and storylines feed endpoints with filtering and rate limits
- Briefing delivery endpoints for integrations
- Evidence link payloads for auditability
Integrate in your workflow
- Route top stories into Slack or Teams for morning and evening desk updates.
- Sync storyline evidence into Notion, Airtable, or internal research trackers.
- Feed metrics into BI dashboards for momentum, concentration, and source mix monitoring.
Quick start endpoints: /v1/feed/stories, /v1/signals, /v1/storylines/search, /v1/briefings/latest.
For product access, see Pricing.