{"$schema":"https://json-schema.org/draft/2020-12/schema","$id":"https://fedramp.gov/schemas/fedramp-vulnerability-detail-report-schema-2026-06-24.json","$schemaVersion":"0.0.1","type":"object","title":"FedRAMP Vulnerability Detail Report (VER-RPT-VDT)","description":"Vulnerability detection and response activity report per VER-RPT-VDT. Covers non-accepted vulnerabilities only; see VER-RPT-AVI for accepted vulnerabilities.","required":["certificationPackageOverviewUri","reportPeriod","vulnerabilities"],"properties":{"certificationPackageOverviewUri":{"$ref":"https://fedramp.gov/schemas/fedramp-common-definitions-schema-2026-06-24.json/$defs/certificationPackageOverviewUri"},"reportPeriod":{"$ref":"https://fedramp.gov/schemas/fedramp-common-definitions-schema-2026-06-24.json/$defs/reportPeriodDateTime","title":"Report Period","description":"Period summarized by this report. Per VER-RPT-PER, must cover all activity since the previous report."},"vulnerabilities":{"type":"array","title":"Vulnerabilities","description":"Non-accepted vulnerabilities with activity in this period.","items":{"$ref":"https://fedramp.gov/schemas/fedramp-common-definitions-schema-2026-06-24.json/$defs/vulnerabilityDetail"}}}}