OSV Open Source Vulnerability Database and Scanner

OSV is a distributed vulnerability database built for open source ecosystems. The site centers on a machine-readable vulnerability schema and an API that lets developers query issues by commit hash or package version. It also documents OSV-Scanner, a tool for scanning dependencies, SBOMs, lockfiles, container images, and GitHub workflows. The database aggregates advisories from multiple open source security sources and supports practical remediation workflows for developers, security teams, maintainers, and DevOps users.

Domain: osv.dev

Added: 2026-05-10 · Updated: 2026-05-10