Automic VaultAutomic Vault

brew

Install vuls with Homebrew, Nix, apt

Agentless Vulnerability Scanner for Linux/FreeBSD. Version 0.39.3 via Homebrew; verified 2026-06-09.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install vuls

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#vuls

nixpkgs package indexes · pkgs/by-name/vu/vuls/package.nix · source: api.github.com

Ubuntu aptverified · 92%
sudo apt install vuls

Ubuntu 24.04 LTS package indexes · vuls · source: archive.ubuntu.com

overview

Package summary

Agentless Vulnerability Scanner for Linux/FreeBSD

Commands and aliases

  • future-vuls
  • snmp2cpe
  • trivy-to-vuls
  • vuls
  • vuls-scanner

history

Project history and usage

Vuls is an agentless vulnerability scanner written in Go for Linux, FreeBSD, and later broader targets such as containers, application libraries, WordPress, network devices, Windows, and macOS. Its core idea is to inventory installed software and match it against vulnerability intelligence without requiring a resident scanner agent on every host.

Project history

The GitHub repository was created under Future Architect in March 2016, and the README credits kotakanbe as the creator. The project grew from a concrete operations problem: administrators often cannot simply enable automatic updates on production servers, yet manually tracking NVD, OVAL, vendor trackers, and package advisories across many machines is error-prone.

Vuls developed as a Go-based scanner with multiple scan modes. Its documentation describes remote scans over SSH, local scans for hosts that should not be reached centrally, and server mode where target hosts collect software information and send it to a Vuls server over HTTP.

Over time Vuls expanded from OS package vulnerability checks into a larger security-data workflow. The README lists data sources and integrations including NVD, JVN, vendor OVAL feeds, distribution security trackers, Microsoft CVRF, exploit and PoC data, CISA Known Exploited Vulnerabilities, MITRE ATT&CK and CAPEC data, application dependency data, and WordPress scanning.

Adoption history

Vuls is one of the more visible open-source host vulnerability scanners from the Go security tooling wave of the mid-2010s. By July 2026, GitHub repository metadata showed about 12.2k stars and more than 1.2k forks, indicating durable use well beyond a single-company internal tool.

The project also accumulated companion commands and data tools. Current release assets include `vuls`, `vuls-scanner`, `future-vuls`, `snmp2cpe`, and `trivy-to-vuls`, showing how the project adapted to adjacent scanners, CPE mapping, and hosted-service workflows.

How it is used

A common Vuls workflow is to create a `config.toml`, fetch or serve vulnerability dictionaries, scan target machines, and then generate reports for humans or automation. Remote mode uses SSH from a central machine; local and server modes reduce the need for inbound access to target hosts.

Vuls does not update vulnerable packages itself. Its value is detection, prioritization, and reporting: it tells operators which servers and software are affected, adds severity and exploit context when available, and can send notifications through channels such as email or Slack.

Why package nerds care

Vuls matters to package and security nerds because it turns package inventories, CVE identifiers, OVAL feeds, vendor advisories, CPE naming, and exploit metadata into a repeatable command-line workflow. It is especially relevant for people who care about the gap between distro package versions and upstream vulnerability identifiers.

Timeline

  • 2016: future-architect/vuls was created on GitHub on March 27, 2016.
  • 2017: FreeBSD ports carried Vuls as an agentless vulnerability scanner with SSH, TUI, notification, and multi-distribution support.
  • 2020: v0.14.0 was published on December 23, 2020, among the older releases still visible through the GitHub releases API page inspected for this run.
  • 2026: v0.39.3 was published on June 9, 2026, with signed release artifacts for multiple Vuls-related commands.

Related projects

  • Vuls is related to go-cve-dictionary, goval-dictionary, go-cpe-dictionary, gost, go-exploitdb, vulsctl, VulsRepo, Trivy, OWASP Dependency-Check, NVD, JVN, OVAL, and distribution security trackers.

security posture

Risk level: red

escape, surveillance, or offensive capability signal.

Risk classifier

red risk · medium confidence · escape-surveillance-offensive

Why

  • escape, surveillance, or offensive capability signal

Signals

  • text:vulnerability scanner

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
config.toml

executables

Installed executables

CommandKindExposureNote
future-vulscliglobal executable
snmp2cpecliglobal executable
trivy-to-vulscliglobal executable
vulscliglobal executable
vuls-scannercliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version0.39.3
manager updated2026-06-09
local dataok
upstreamcurrent
latest detectedv0.39.3

https://github.com/future-architect/vuls

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:vuls
Version0.39.3
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/vuls
Homepagehttps://vuls.io/
Repositoryhttps://github.com/future-architect/vuls
Upstream docshttps://vuls.io/docs/en
LicenseGPL-3.0-only
Source archivehttps://github.com/future-architect/vuls/archive/refs/tags/v0.39.3.tar.gz
Last updated2026-06-09T13:20:42Z
Pulseupdated
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namevuls
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

vuls

nix profile install nixpkgs#vuls
  • normalized package name match
  • Matched by: Vuls
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/vu/vuls/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
Ubuntu apt95%

vuls 0.6.1-5

Vulnerability scanner for Linux/FreeBSD, agentless, written in Go

https://github.com/future-architect/vuls

sudo apt install vuls
  • Section: universe/devel
  • Architecture: amd64
  • 2 dependencies
  • normalized package name match
  • Matched by: Vuls
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: vuls from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment