Alternatives and similar repositories for trivy-db

Users that are interested in trivy-db are comparing it to the libraries listed below

• aquasecurity / harbor-scanner-trivy

  View on GitHub
  Use Trivy as a plug-in vulnerability scanner in the Harbor registry
  ☆225Sep 16, 2024Updated last year
• aquasecurity / vuln-list-update

  View on GitHub
  ☆192Feb 2, 2026Updated last week
• aquasecurity / trivy-kubernetes

  View on GitHub
  Trivy kubernetes library
  ☆36Jan 1, 2026Updated last month
• aquasecurity / vuln-list

  View on GitHub
  NVD, Ubuntu, Alpine
  ☆449Feb 7, 2026Updated last week
• aquasecurity / fanal

  View on GitHub
  Static Analysis Library for Containers
  ☆197Jun 14, 2023Updated 2 years ago
• aquasecurity / trivy-java-db

  View on GitHub
  ☆39Sep 12, 2025Updated 5 months ago
• aquasecurity / defsec

  View on GitHub
  Trivy's misconfiguration scanning engine
  ☆215Jan 23, 2025Updated last year
• aquasecurity / helm-charts

  View on GitHub
  Aqua Open Source Helm Chart Repository
  ☆20Updated this week
• aquasecurity / go-dep-parser

  View on GitHub
  Dependency Parser for Multiple Programming Languages
  ☆148Jun 6, 2024Updated last year
• aquasecurity / go-version

  View on GitHub
  A Go library for parsing and verifying versions and version constraints.
  ☆45May 5, 2025Updated 9 months ago
• k1LoW / trivy-db-to

  View on GitHub
  trivy-db-to is a tool for migrating/converting vulnerability information from Trivy DB to other datasource.
  ☆27Updated this week
• CERTCC / VINCE

  View on GitHub
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆89Feb 3, 2026Updated last week
• anchore / grype-db

  View on GitHub
  ☆61Updated this week
• aquasecurity / trivy

  View on GitHub
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆31,602Feb 7, 2026Updated last week
• goharbor / harbor-scanner-clair

  View on GitHub
  Use Clair as a plug-in vulnerability scanner in the Harbor registry
  ☆36Dec 5, 2025Updated 2 months ago
• aquasecurity / trivy-vscode-extension

  View on GitHub
  A VS Code Extension for Trivy
  ☆164Feb 7, 2026Updated last week
• anchore / vunnel

  View on GitHub
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆110Updated this week
• package-url / packageurl-go

  View on GitHub
  Go implementation of the package url spec
  ☆67Dec 4, 2025Updated 2 months ago
• anchore / stereoscope

  View on GitHub
  go library for processing container images and simulating a squash filesystem
  ☆103Feb 6, 2026Updated last week
• spdx / tools-golang

  View on GitHub
  Collection of Go packages to work with SPDX files
  ☆158Jan 16, 2026Updated 3 weeks ago
• aquasecurity / vim-tfsec

  View on GitHub
  List your tfsec issues in the QuickFix window with this plugin.
  ☆12May 16, 2022Updated 3 years ago
• fabric8-analytics / cvejob

  View on GitHub
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Jul 12, 2025Updated 7 months ago
• aquasecurity / trivy-plugin-referrer

  View on GitHub
  Trivy plugin for OCI referrers
  ☆23May 13, 2024Updated last year
• falcosecurity / driverkit

  View on GitHub
  Kit for building Falco drivers: kernel modules or eBPF probes
  ☆69Updated this week
• usnistgov / swid-tools

  View on GitHub
  ☆15Feb 6, 2026Updated last week
• aquasecurity / appshield

  View on GitHub
  Security configuration checks for popular cloud native applications and infrastructure.
  ☆119Feb 16, 2022Updated 3 years ago
• openvex / spec

  View on GitHub
  OpenVEX Specification
  ☆167Jan 16, 2026Updated 3 weeks ago
• knqyf263 / go-deb-version

  View on GitHub
  A golang library for parsing deb package versions
  ☆40Nov 15, 2024Updated last year
• aquasecurity / community

  View on GitHub
  Aqua Security's open source community
  ☆48Apr 10, 2024Updated last year
• aquasecurity / tracee

  View on GitHub
  Linux Runtime Security and Forensics using eBPF
  ☆4,362Updated this week
• aquasecurity / go-git-pr-commenter

  View on GitHub
  library for adding comments to git PRs
  ☆15Dec 2, 2025Updated 2 months ago
• aquasecurity / postee

  View on GitHub
  Notice: Postee is no longer under active development or maintenance.
  ☆206Jan 22, 2026Updated 3 weeks ago
• ossf / osv-schema

  View on GitHub
  Open Source Vulnerability schema.
  ☆232Updated this week
• aquasecurity / trivy-action

  View on GitHub
  Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
  ☆1,187Dec 11, 2025Updated 2 months ago
• openvex / go-vex

  View on GitHub
  Go module to generate and transform VEX documents
  ☆52Feb 2, 2026Updated last week
• kusaridev / spector

  View on GitHub
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆33Apr 22, 2025Updated 9 months ago
• aquasecurity / starboard

  View on GitHub
  Superseded by https://github.com/aquasecurity/trivy-operator
  ☆1,372Feb 3, 2026Updated last week
• oras-project / oras

  View on GitHub
  OCI registry client - managing content like artifacts, images, packages
  ☆2,120Updated this week
• aquasecurity / trivy-operator

  View on GitHub
  Kubernetes-native security toolkit
  ☆1,779Updated this week