> ## Documentation Index
> Fetch the complete documentation index at: https://docs.synack.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a vulnerability comment

> Create a new comment for a specific vulnerability



## OpenAPI

````yaml /monolith-v1-openapi.yaml post /v1/vulnerabilities/{vulnerability_id}/comments
openapi: 3.0.3
info:
  title: Synack API
  version: 2.0.0
  description: >
    Comprehensive API for Synack's security testing platform, providing
    endpoints for managing assessments, vulnerabilities, users, and security
    testing operations.
  contact:
    name: Synack Engineering
    email: engineering@synack.com
  license:
    name: Proprietary
servers:
  - url: https://api.synack.com
    description: Commercial - V1 API
  - url: https://api.synack.us
    description: FedRAMP (Medium) - V1 API
security:
  - BearerAuth: []
  - BasicAuth: []
  - ApiKeyAuth: []
tags:
  - name: Assessments
    description: Operations related to security assessments
  - name: Tests
    description: Operations related to security tests
  - name: Vulnerabilities
    description: Operations related to security vulnerabilities
  - name: Suspected Vulnerabilities
    description: Operations related to suspected vulnerabilities
  - name: Comments
    description: Operations related to comments
  - name: Patch Verifications
    description: Operations related to patch verifications
  - name: Users
    description: Operations related to users
  - name: Assessment Groups
    description: Operations related to assessment groups
  - name: Tags
    description: Operations related to tags
  - name: Vulnerability Statuses
    description: Operations related to vulnerability statuses
  - name: Listings
    description: Operations related to listings
paths:
  /v1/vulnerabilities/{vulnerability_id}/comments:
    post:
      tags:
        - Comments
      summary: Create a vulnerability comment
      description: Create a new comment for a specific vulnerability
      operationId: createVulnerabilityComment
      parameters:
        - name: vulnerability_id
          in: path
          required: true
          schema:
            type: string
          description: Vulnerability ID
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - text
              properties:
                text:
                  type: string
                  description: Comment text
                type:
                  type: string
                  description: Comment type
      responses:
        '201':
          description: Comment created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Comment'
        '400':
          description: Bad request
        '404':
          description: Vulnerability not found
components:
  schemas:
    Comment:
      type: object
      properties:
        id:
          type: integer
        text:
          type: string
        type:
          type: string
        created_at:
          type: string
          format: date-time
        updated_at:
          type: string
          format: date-time
        user:
          $ref: '#/components/schemas/CommentUser'
        attachments:
          type: array
          items:
            $ref: '#/components/schemas/Attachment'
    CommentUser:
      required:
        - email
        - id
        - name
      type: object
      properties:
        id:
          type: integer
          format: int64
        name:
          type: string
          description: name of the user
        email:
          type: string
          description: e-mail address of the user
    Attachment:
      type: object
      properties:
        id:
          type: integer
        filename:
          type: string
        content_type:
          type: string
        file_size:
          type: integer
        created_at:
          type: string
          format: date-time
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
    BasicAuth:
      type: http
      scheme: basic
    ApiKeyAuth:
      type: apiKey
      in: header
      name: X-Auth

````