diff --git a/app/routers/qualys.py b/app/routers/qualys.py
index 06a5ba9..216ed9a 100644
--- a/app/routers/qualys.py
+++ b/app/routers/qualys.py
@@ -411,10 +411,11 @@ async def qualys_search(request: Request, db=Depends(get_db),
     # Enrichir avec vulnérabilités (severity 3,4,5, Confirmed/Potential, Active)
     vuln_map = {}
     if assets:
-        asset_ids = [str(a.qualys_asset_id) for a in assets if a.qualys_asset_id]
-        if asset_ids:
+        ips = [str(a.ip_address) for a in assets if a.ip_address]
+        ips = [ip for ip in ips if ip and ip != "None"]
+        if ips:
             try:
-                vuln_map = get_vuln_counts(db, ",".join(asset_ids[:50]))
+                vuln_map = get_vuln_counts(db, ",".join(ips[:50]))
             except Exception:
                 pass
 
diff --git a/app/services/qualys_service.py b/app/services/qualys_service.py
index 9213f76..8187b0c 100644
--- a/app/services/qualys_service.py
+++ b/app/services/qualys_service.py
@@ -371,13 +371,13 @@ def _find_asset_by_hostname(qualys_url, qualys_user, qualys_pass, hostname, prox
     return None
 
 
-def get_vuln_counts(db, qualys_asset_ids):
-    """Recupere le nombre de vulnerabilites actives severity 3,4,5 pour un ou plusieurs assets.
-    qualys_asset_ids: str (un ID ou liste separee par virgules)
-    Retourne dict {asset_id: {severity3, severity4, severity5, total, confirmed, potential}}
+def get_vuln_counts(db, ip_list):
+    """Recupere le nombre de vulnerabilites actives severity 3,4,5 pour une liste d'IPs.
+    ip_list: str (IPs separees par virgules)
+    Retourne dict {ip: {severity3, severity4, severity5, total, confirmed, potential}}
     """
     qualys_url, qualys_user, qualys_pass, qualys_proxy = _get_qualys_creds(db)
-    if not qualys_user or not qualys_asset_ids:
+    if not qualys_user or not ip_list:
         return {}
     proxies = {"https": qualys_proxy, "http": qualys_proxy} if qualys_proxy else None
 
@@ -386,7 +386,7 @@ def get_vuln_counts(db, qualys_asset_ids):
             f"{qualys_url}/api/2.0/fo/asset/host/vm/detection/",
             data={
                 "action": "list",
-                "ids": str(qualys_asset_ids),
+                "ips": str(ip_list),
                 "severities": "3,4,5",
                 "status": "New,Active,Re-Opened",
                 "show_results": "0",
@@ -407,8 +407,8 @@ def get_vuln_counts(db, qualys_asset_ids):
 
     for host_block in txt.split("<HOST>")[1:]:
         host_block = host_block.split("</HOST>")[0]
-        host_id = (parse_xml(host_block, "ID") or [""])[0]
-        if not host_id:
+        host_ip = (parse_xml(host_block, "IP") or [""])[0]
+        if not host_ip:
             continue
 
         counts = {"severity3": 0, "severity4": 0, "severity5": 0,
@@ -432,6 +432,6 @@ def get_vuln_counts(db, qualys_asset_ids):
             if det_type == "Confirmed": counts["confirmed"] += 1
             elif det_type == "Potential": counts["potential"] += 1
 
-        results[str(host_id)] = counts
+        results[host_ip] = counts
 
     return results
diff --git a/app/templates/qualys_search.html b/app/templates/qualys_search.html
index 6b46948..6cb92a3 100644
--- a/app/templates/qualys_search.html
+++ b/app/templates/qualys_search.html
@@ -167,7 +167,7 @@ function updateBulkTag() {
                 {% else %}<span class="text-gray-600 text-xs">N/A</span>{% endif %}
             </td>
             <td class="p-2 text-center">
-                {% set vc = vuln_map.get(qid|string, {}) if vuln_map else {} %}
+                {% set vc = vuln_map.get(ip|string, {}) if vuln_map else {} %}
                 {% if vc and vc.total > 0 %}
                 <span title="S3:{{ vc.severity3 }} S4:{{ vc.severity4 }} S5:{{ vc.severity5 }} | Confirmed:{{ vc.confirmed }} Potential:{{ vc.potential }}">
                     {% if vc.severity5 > 0 %}<span class="badge badge-red">{{ vc.severity5 }} crit</span> {% endif %}