All processing happens locally in your browser. No data is sent to any server.
🔒 Only package names and versions are sent to OSV.dev. No source code, file paths, or other data leaves your browser.
⚠️
Disclaimer: This tool queries the OSV.dev database and may not cover all known vulnerabilities. Results depend on OSV data completeness, correct version parsing, and ecosystem coverage. This is not a substitute for a professional SCA tool or security audit. Always verify findings and use additional sources (NVD, GitHub Advisories, Snyk) for critical decisions.
Drop file here or click to browse