National Vulnerability Database vs PhishStats

Same instrument, two spec sheets — measured, not claimed.

Uptime · 30d
Uptime · 90d—%—%
Uptime · 30d—%—%
P50 · ms
P95 · ms
Authnonenone
CORSyesno
HTTPSyesyes
Card requirednono
Commercial useyesunclear
Data licensePublic domain (U.S. Government work)Unverified
Free tierFree — no key required (free key raises limits)Free — limits not published
Rate limit5 requests per rolling 30 seconds without an API key (50 with a free key)Unpublished
In directory since2026-07-052026-07-05
operationalpartialdownno data

National Vulnerability Database vs PhishStats: common questions

Which is more reliable, National Vulnerability Database or PhishStats?

On our scheduled checks, PhishStats leads on measured uptime — National Vulnerability Database at —% versus PhishStats at —% over 90 days. These are our own probe results, not provider claims; the uptime bars above show the day-by-day record for both.

Do National Vulnerability Database and PhishStats need an API key?

Neither needs a paid key — National Vulnerability Database is callable with no signup, and PhishStats is callable with no signup. Both are quick to prototype with; rate limits still apply.

Can I call National Vulnerability Database and PhishStats from the browser?

Only National Vulnerability Database is browser-friendly — it returns CORS headers over HTTPS. PhishStats needs a server-side call or proxy, so factor that into which one fits a front-end project.

Are National Vulnerability Database and PhishStats free for commercial use?

National Vulnerability Database allows commercial use on its free tier, and PhishStats has unclear commercial terms. We track service terms and the data license as separate fields — see the Commercial use and Data license rows above, and confirm both before shipping either in a paid product.