> ## Documentation Index
> Fetch the complete documentation index at: https://docs.synack.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Update a vulnerability

> Update a specific vulnerability's status or tags



## OpenAPI

````yaml /monolith-v1-openapi.yaml patch /v1/vulnerabilities/{id}
openapi: 3.0.3
info:
  title: Synack API
  version: 2.0.0
  description: >
    Comprehensive API for Synack's security testing platform, providing
    endpoints for managing assessments, vulnerabilities, users, and security
    testing operations.
  contact:
    name: Synack Engineering
    email: engineering@synack.com
  license:
    name: Proprietary
servers:
  - url: https://api.synack.com
    description: Commercial - V1 API
  - url: https://api.synack.us
    description: FedRAMP (Medium) - V1 API
security:
  - BearerAuth: []
  - BasicAuth: []
  - ApiKeyAuth: []
tags:
  - name: Assessments
    description: Operations related to security assessments
  - name: Tests
    description: Operations related to security tests
  - name: Vulnerabilities
    description: Operations related to security vulnerabilities
  - name: Suspected Vulnerabilities
    description: Operations related to suspected vulnerabilities
  - name: Comments
    description: Operations related to comments
  - name: Patch Verifications
    description: Operations related to patch verifications
  - name: Users
    description: Operations related to users
  - name: Assessment Groups
    description: Operations related to assessment groups
  - name: Tags
    description: Operations related to tags
  - name: Vulnerability Statuses
    description: Operations related to vulnerability statuses
  - name: Listings
    description: Operations related to listings
paths:
  /v1/vulnerabilities/{id}:
    patch:
      tags:
        - Vulnerabilities
      summary: Update a vulnerability
      description: Update a specific vulnerability's status or tags
      operationId: updateVulnerability
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
          description: Vulnerability ID
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                status_id:
                  type: integer
                  description: New vulnerability status ID
                tags:
                  type: array
                  items:
                    type: integer
                  description: Array of tag IDs
                tag_list:
                  type: array
                  items:
                    type: string
                  description: Array of tag names
      responses:
        '200':
          description: Vulnerability updated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Vulnerability'
        '400':
          description: Bad request
        '404':
          description: Vulnerability not found
        '422':
          description: Unprocessable entity
components:
  schemas:
    Vulnerability:
      type: object
      properties:
        id:
          type: integer
        title:
          type: string
        description:
          type: string
        severity:
          type: string
          enum:
            - Critical
            - High
            - Medium
            - Low
            - Informational
        status:
          type: string
        cvss_score:
          type: number
          format: float
        created_at:
          type: string
          format: date-time
        updated_at:
          type: string
          format: date-time
        tags:
          type: array
          items:
            $ref: '#/components/schemas/Tag'
        attachments:
          type: array
          items:
            $ref: '#/components/schemas/Attachment'
    Tag:
      type: object
      properties:
        id:
          type: integer
        name:
          type: string
        editable:
          type: boolean
        organization_profile_id:
          type: integer
    Attachment:
      type: object
      properties:
        id:
          type: integer
        filename:
          type: string
        content_type:
          type: string
        file_size:
          type: integer
        created_at:
          type: string
          format: date-time
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
    BasicAuth:
      type: http
      scheme: basic
    ApiKeyAuth:
      type: apiKey
      in: header
      name: X-Auth

````