Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Back to article
Open Source Vulnerabilities
(opens in new tab)
17
articles covering this post
osv.dev
·
10w
10 weeks ago
·
Open original
(opens in new tab)
Save
Love
Like
Dislike
|
Add interest
Feeds
Share
|
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block
Add interest
Show Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Covered in 17 articles
Linux Kernel CVEs Don't Care About Your Distro's Release Schedule — Here's What Actually Happens
dev.to
·
4w
4 weeks ago
·
DEV
Actions for Linux Kernel CVEs Don't Care About Your Distro's Release Schedule — Here's What Actually Happens
DASH 2026 Security & Compliance: Guide to Datadog’s newest announcements
datadoghq.com
·
4d
4 days ago
Actions for DASH 2026 Security & Compliance: Guide to Datadog’s newest announcements
From single pull requests to full software packages: Detecting malicious code at scale
datadoghq.com
·
1w
1 week ago
Actions for From single pull requests to full software packages: Detecting malicious code at scale
As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
infoworld.com
·
2w
2 weeks ago
Actions for As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
PyCon US 2026 Packaging Summit Recap
bernat.tech
·
4w
4 weeks ago
·
Hacker News
Actions for PyCon US 2026 Packaging Summit Recap
Vulnerability and malware checks in uv
astral.sh
·
5d
5 days ago
·
Lobsters
,
Hacker News
,
Hacker News
Actions for Vulnerability and malware checks in uv
NVIDIA/SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
github.com
·
1d
1 day ago
·
Hacker News
Actions for NVIDIA/SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
analysis-tools-dev/static-analysis: ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
github.com
·
2w
2 weeks ago
·
Hacker News
Actions for analysis-tools-dev/static-analysis: ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
NoCoderRandom/sunsetscan: Local-network security auditing with EOL, CVE, device identity, and HTML reports
github.com
·
2w
2 weeks ago
·
r/homelab
,
r/linux
Actions for NoCoderRandom/sunsetscan: Local-network security auditing with EOL, CVE, device identity, and HTML reports
KoblerS/np-audit: Static security analysis for npm packages. Detects obfuscated code, malicious patterns, and known vulnerabilities before installation.
github.com
·
3w
3 weeks ago
·
r/javascript
Actions for KoblerS/np-audit: Static security analysis for npm packages. Detects obfuscated code, malicious patterns, and known vulnerabilities before installation.
SeekYou: How I Built a Unified Host Intelligence Tool That Runs Free on Cloudflare Workers
github.com
·
3w
3 weeks ago
·
DEV
Actions for SeekYou: How I Built a Unified Host Intelligence Tool That Runs Free on Cloudflare Workers
OWASP/cve-lite-cli: Fast, developer-friendly JS/TS dependency vulnerability scanner with local lockfile scanning, OSV matching, direct vs transitive visibility, --fix, JSON output, and practical remediation guidance.
github.com
·
6w
6 weeks ago
·
DEV
,
Hacker News
,
r/javascript
Actions for OWASP/cve-lite-cli: Fast, developer-friendly JS/TS dependency vulnerability scanner with local lockfile scanning, OSV matching, direct vs transitive visibility, --fix, JSON output, and practical remediation guidance.
A03 Software Supply Chain Failures
owasp.org
·
3w
3 weeks ago
Actions for A03 Software Supply Chain Failures
block malicious NPM/pip installs locally
computer.police.dev
·
3w
3 weeks ago
·
Hacker News
Actions for block malicious NPM/pip installs locally
OWASP Adopts CVE Lite CLI to Boost Dependency Scanning
devops.com
·
2w
2 weeks ago
Actions for OWASP Adopts CVE Lite CLI to Boost Dependency Scanning
Xz, two years on: what scanners still cannot catch
arcis-website.pages.dev
·
3w
3 weeks ago
·
Hacker News
Actions for Xz, two years on: what scanners still cannot catch
As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
csoonline.com
·
2w
2 weeks ago
·
r/javascript
Actions for As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help