Search Packages

ca9

CVE reachability analysis for Python. Stop fixing vulnerabilities that don't affect you. Static + dynamic analysis to cut SCA noise from Snyk, Dependabot, Trivy, and others.

univers

Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!

pyscan-rs

python dependency vulnerability scanner, written in Rust.

aboutcode-hashid

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

aboutcode-federated

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

osv-lib

Python library for calling OSV (https://osv.dev/)

cve-sentinel

CVE auto-detection and remediation proposal system for Claude Code

vulnhunter

Offline vulnerability scanner with AI triage — your dependencies have secrets, VulnHunter finds them.

safe-packages

The cli tool for checking the security of the packages.

rtx-trust

Real Tracker X: cross-ecosystem dependency trust scanner