openvex

SBOM diff with supply-chain risk signals — flags new CVEs, typosquats, and young maintainers on changed deps. Built after axios (Mar 2026), Shai-Hulud, and xz.

rust security dependency-analysis code-review vex cve spdx osv typosquatting vulnerability-scanner sbom github-action cyclonedx rust-cli slsa supply-chain-security sigstore openvex

Updated May 5, 2026
Rust

JamieMagee / openvex.net

Star

.NET types for OpenVEX documents

vex sbom openvex

Updated May 1, 2026
C#

Noetheon / vuln-prioritizer-cli

Star

Threat-informed CLI for prioritizing known CVEs with NVD, EPSS, KEV, ATT&CK, VEX, and asset context

python cli security cve vulnerability-management sarif mitre-attack sbom cyclonedx kev epss openvex

Updated Apr 24, 2026
Python

StackVista / vexhub

Star

VEX statements for SUSE Observability product images. Consumable by Trivy via --vex repo.

security vex vulnerability-management openvex vexhub suse-observability

Updated May 1, 2026
Python

telicent-oss / merge-vex-action

Star

A GitHub Action that merges VEX statement files together into a single merged file for use with other tooling

security actions vex openvex vexctl

Updated Jan 12, 2026

Improve this page

Add a description, image, and links to the openvex topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the openvex topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

openvex

Here are 8 public repositories matching this topic...

anchore / grype

anthonyharrison / lib4vex

p-ssanders / jvex

Metbcy / bomdrift

JamieMagee / openvex.net

Noetheon / vuln-prioritizer-cli

StackVista / vexhub

telicent-oss / merge-vex-action

Improve this page

Add this topic to your repo