
Trivy

Trivy is an all-in-one open source security scanner by Aqua Security that detects vulnerabilities, misconfigurations, exposed secrets, and generates SBOMs across container images, code repositories, and infrastructure as code configurations.
Latest: 0.71.0 GitHub
Last checked: Jun 9, 2026 12:10am
Rank: 695/15140

Overview

License: Apache 2.0
Installer: single binary
Winget: Available

Version & Lifecycle

Current: 0.71.0
N-2: 0.69.3
Avg cadence: Every 21 days


Community Notes

Command-line note • January 31, 2026

Trivy – Command-line note

For enterprise Windows deployment, download the official Trivy ZIP from GitHub releases (e.g., trivy_x.xx.x_windows-64bit.zip), extract trivy.exe silently with PowerShell (Expand-Archive -Path trivy.zip -DestinationPath C:\Tools\Trivy -Force), and add C:\Tools\Trivy to the system PATH via [Environment]::SetEnvironmentVariable('Path', $env:Path + ';C:\Tools\Trivy', 'Machine') for immediate executability without UI prompts. This portable binary approach supports automation in scripts like SCCM or Intune, requires no MSI transforms, and enables CLI usage like trivy image --version post-deployment.


Also known as

Other names people use for this app — helps search and matching.

Trivy, aquasecurity Trivy

Packaging Notes


Trivy is a single binary with no dependencies, supporting every OS and CPU architecture. It can be installed via package managers or downloaded as a standalone binary.

Notes


Trivy supports scanning of unpackaged binary files, integrates with Sigstore and Rekor for SBOM attestation, and is widely used in CI/CD pipelines and Kubernetes environments.