a free web vulnerability scanner

freewvs is a tool to search webroots for known vulnerable versions of web applications. See the README for more info.


You can install freewvs via pip:

pip install freewvs

Alternatively you can run freewvs directly from the git source.

If you install via pip you need to update the freewvs database first:



Just run freewvs with a path, e.g.:

freewvs /var/www

The output will be something like this:

Joomla 3.9.11 (3.9.14) CVE-2019-19846 /var/www/
nextcloud 14.0.1 (14.0.5) CVE-2019-5449 /var/www/
MediaWiki 1.31.1 (1.31.6) CVE-2019-19709 /var/www/


A public Git repository is available:

git clone --depth=1

You can view the repository via a web interface.

We also have a mirror of the code on Github.

Historic / obsolete releases can be found here.


The code is published under the 0BSD license. (Earlier versions used CC0.)

Free Software provided by