The API documentation of the endpoint /api/3/vulnerabilities says:
Returns all vulnerabilities that can be assessed during a scan.
In fact, the endpoint returns totalResources value of 251930. How can I retrieve only vulnerabilities that we have? What we can see from the InsightVM Console is just 300-ish items.
Any update on this? This topic explains the overall issue well (I see there are multiple threads on this issue), ie:
Get All Vulnerabilities In Environment API - InsightVM / API - Rapid7 Discuss
Connecting Vulnerabilities with Assets Through the InsightVM API? - InsightVM / API - Rapid7 Discuss
Seems like a major oversight that there is seemingly no way to “just” get a list of vulns in ones environment or even a specific site?