Windows Software Vulnerability Scanner
Check installed Windows programs for known CVEs using winget or PowerShell
Scan every installed program on a Windows machine for known vulnerabilities without installing any additional software or agents. Run one PowerShell command, paste the output into SecOSS, and it matches your installed software against the National Vulnerability Database to surface CVEs with recommended upgrade versions.
How to use
- 1Open PowerShell and run: winget list β or alternatively: Get-Package | Select-Object Name, Version | Format-Table
- 2Copy and paste the full output into the text box in SecOSS.
- 3SecOSS normalizes the package names and versions and queries the NVD API for CVE matches.
- 4Review vulnerable software sorted by severity β get the recommended safe version and upgrade instructions for each.
Scan method
βΉοΈ
OSV.dev does not index Windows packages. SecOSS will list all detected packages and provide direct nvd.nist.gov search links so you can look up CVEs manually.
Step 1 β Run in PowerShell (as Administrator)
Save to file, then upload below:
winget list --disable-interactivity --accept-source-agreements | Out-File packages.txt -Encoding UTF8Or run without saving and paste the terminal output directly below:
winget list --disable-interactivity --accept-source-agreements