OSS Index

A free online index of software vulnerabilities and best practices. Vör Security provides both interactive and API access to our full database. Currently, OSS Index contains:

  • 2,100,000+ packages
  • 120,000+ vulnerabilities

You can search for packages and software, explore their vulnerabilities, and submit new vulnerabilities.

The OSS Index REST API provides full access to the data, allowing you to write new tools and provide integrations. All OSS Index provided tools are open source!


Open source auditing tools automatically identify software dependencies with their associated vulnerabilities. Our auditing tools currently support:

  • Bower
  • Chocolatey
  • Maven
  • MSI
  • npm
  • NuGet
With support on the way for
  • Composer
  • Drupal
  • dpkg
  • rpm
  • WordPress
  • Apache HTTPD