Reminder: Vulnerability Priority Rating (VPR) Version 2 Transition on July 1

On July 1, 2026, Tenable will transition to the enhanced Vulnerability Priority Rating (VPR) model across the platform. The current VPR (Beta) model will become the primary VPR model, and the legacy VPR version 1 will be retired.

For most API users, no action is required. Existing VPR fields will automatically reflect the updated VPR model, ensuring compatibility with your current integrations and workflows.

API changes requiring action

If your integrations adopted the VPR v2-specific parameters or response properties introduced during the beta period, update them before July 1, 2026.

Filter parameters

The following endpoints currently support both the vpr_score and vpr_v2_score filter parameters:

• Vulnerability Management: Export vulnerabilities
• Web App Scanning: Export findings

The vpr_v2_score filter parameter will be deprecated. Update your integrations to use vpr_score, which will automatically return the updated VPR model beginning July 1.

Response properties

The following endpoints currently return both the plugin.vpr and plugin.vpr_v2 objects:

• Vulnerability Management: Download vulnerabilities chunk
• Web App Scanning: Download findings export chunk

The plugin.vpr_v2 response property will be deprecated. Update your integrations to use plugin.vpr, which will automatically contain the updated VPR model beginning July 1.

🛑

Reminder

The vpr_v2_score filter parameter and plugin.vpr_v2 response property are scheduled for deprecation on July 1, 2026. To avoid disruption, update your integrations to use vpr_score and plugin.vpr before the transition date.

For a complete overview of the transition and API changes, see the previous changelog, Vulnerability Priority Rating: Transition to VPR Version 2. Additional background information is available in the Vulnerability Priority Rating Risk Scoring Enhancements FAQ and the Product Announcement.