Vulnetix CLI

Unified vulnerability management from the command line.

Remediation over discovery. Collect, assess, triage, and remediate vulnerabilities from a single CLI — designed for CI/CD and for engineers who'd rather fix than file tickets.

Get started Live demo
Learn more at vulnetix.com →

Vulnerability intelligence

Query vulnerabilities by any identifier format — CVE, GHSA, PYSEC, RUSTSEC, and 75+ more. Get exploit intelligence, fix data, scoring metrics, and full remediation plans from aggregated multi-source data.

  • Multi-source aggregation
  • Exploit intelligence
  • Fix recommendations
  • Scoring metrics
  • Remediation plans

VDB command reference →

Software composition analysis & SAST

Auto-discover and scan manifest files and SBOMs for known vulnerabilities across supported ecosystems. Built-in SAST rules detect code-level issues — weak crypto, hardcoded secrets, missing lock files, and more. Zero-config scanning with SPDX, CycloneDX, and SARIF support.

  • Auto-discovery
  • SPDX & CycloneDX
  • Broad ecosystem coverage
  • Zero-config scanning
  • Built-in SAST rules

Scan command reference →

CI/CD pipeline integration

Native GitHub Actions support for automated vulnerability management. Upload SBOMs, SARIF, and VEX artefacts directly from your CI workflows. Also works with GitLab CI, Bitbucket Pipelines, and Azure DevOps.

  • First-class GitHub Actions
  • Artefact auto-collection
  • GitLab CI
  • Bitbucket Pipelines
  • Azure DevOps

CI/CD integration guide →

Enterprise Broker Paid-only

Keep all Vulnetix operations within your private network. The on-prem broker enables Enterprise customers to run vulnerability scanning, VDB queries, and remediation workflows entirely behind the firewall.

Contact us →
GitHub VDB Plugin docs vulnetix.com Terms of Service