Simon Willison’s Weblog


29th March 2026

Tool: Python Vulnerability Lookup — Search Python packages for known security vulnerabilities by pasting a `pyproject.toml` or `requirements.txt` file, or by loading dependencies directly from a GitHub repository. The tool queries the OSV.dev vulnerability database and displays detailed information about any identified vulnerabilities, including severity levels, affected version ranges, and links to full disclosure reports.

I learned that the OSV.dev open source vulnerability database has an open CORS JSON API, so I had Claude Code build this HTML tool for pasting in a `pyproject.toml` or `requirements.txt` file (or the name of a GitHub repo containing those) and seeing a list of all reported vulnerabilities from that API.
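A sketch of the lookup described above, added here as an illustration and not taken from the tool's source: it parses a `requirements.txt`, builds a request for OSV.dev's `/v1/querybatch` endpoint, and pairs the results back to packages. The function names, the sample file and the choice to report unpinned entries separately are assumptions of this example.

```javascript
// Added example; the sample input and all function names are constructed here.
const OSV_BATCH_URL = "https://api.osv.dev/v1/querybatch";
const SAMPLE = `# constructed sample input
Flask_Login>=0.5
requests==2.19.0
django[bcrypt] == 3.2.0 ; python_version >= "3.8"
-r other.txt
jinja2==2.10.1  # templating
`;
// PEP 503 normalization, so "Flask_Login" and "flask-login" are one package.
const normalizeName = (name) => name.toLowerCase().replace(/[-_.]+/g, "-");

// Parse requirements.txt text; version is null unless pinned exactly with "==".
function parseRequirements(text) {
  const deps = [];
  for (const raw of text.split(/\r?\n/)) {
    // Drop comments, then environment markers after ";".
    const line = raw.replace(/(^|\s)#.*$/, "").split(";")[0].trim();
    // Skip blanks, pip options (-r, -e, --hash) and URL requirements.
    if (!line || line.startsWith("-") || line.includes("://")) continue;
    const m = line.match(/^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(.*)$/);
    if (!m) continue;
    const pin = m[2].match(/^==\s*([A-Za-z0-9.!+_-]+)$/);
    deps.push({ name: normalizeName(m[1]), version: pin ? pin[1] : null });
  }
  return deps;
}
// Build the querybatch body from exact pins only. Ranges and bare names are
// reported as unpinned: there is no single version to test against advisories.
function buildOsvBatch(deps) {
  const pinned = deps.filter((d) => d.version !== null);
  const unpinned = deps.filter((d) => d.version === null).map((d) => d.name);
  const queries = pinned.map((d) => (
    { package: { name: d.name, ecosystem: "PyPI" }, version: d.version }));
  return { pinned, unpinned, body: { queries } };
}
// querybatch results come back in query order; pair each with its package.
function matchResults(pinned, response) {
  const results = response.results || [];
  return pinned.map((d, i) => (
    { ...d, vulnIds: ((results[i] || {}).vulns || []).map((v) => v.id) }));
}
// Network call (fetch in a browser or Node 18+); not executed at load time.
async function lookup(text) {
  const { pinned, unpinned, body } = buildOsvBatch(parseRequirements(text));
  const res = await fetch(OSV_BATCH_URL, { method: "POST", body: JSON.stringify(body) });
  if (!res.ok) throw new Error(`OSV request failed: ${res.status}`);
  return { unpinned, findings: matchResults(pinned, await res.json()) };
}
```

Batch responses carry only advisory IDs and modification times; details such as severity and affected ranges come from a per-ID request to `/v1/vulns/{id}`.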

This is a beat by Simon Willison, posted on 29th March 2026.
