Title
Create new category
Edit page index title
Edit category
Edit link
SBOM release notes
v4.7.1
Release date: 3/12/2026
Support scanning of CycloneDX 1.7 reports.
Add support for TypeScript, CoffeeScript, Scala, Groovy, and Clojure.
v4.7.0
Release date: 2/10/2026
Support European Union Vulnerability Database (EUVD).
v4.6.0
Release date: 1/29/2026
Add support for EPSS scoring.
Support multiple severity sources.
Preserve report metadata when scanning CycloneDX and SPDX reports.
v4.5.0
Release date: 12/22/2025
Add support for scanning .csproj files.
Integrate GHSA as a source for malicious package detection.
Enhance CVSS scoring logic to accept scores from multiple sources.
Introduce Database v6 with a reduced size and improved efficiency.
v4.4.0
Release date: 11/4/2025
Support CIS Level 2 for Windows Server 2022.
Enhance dependency detection of package.json (npm).
Return CVSS Score.
Enhance detection for application files.
Add support recent malicious NPM packages.
Reduce database file size.
v4.3.0
Release date: 9/2/2025
A faster way to detect package information for Python.
Improve the UI to display more details.
Return the latest version information.
Add support for several CVEs.
Support Ubuntu 24.04 and Windows Server 2025.
v4.2.0
Release date: 7/8/2025
Provide more license information: license URL, category, permissions, conditions, limitations.
Return unique identifier, checksum, property (archive, executable) for a package.
Add support for composer.json (PHP).
Support Amazon Linux 2023, Ubuntu 22.04 CIS level 2.
v4.1.0
Release date: 5/22/2025
Return "Authors" and "Release date" info for packages.
Support processing SPDX file format.
Support parsing composer.lock file (for PHP).
v4.0.1
Release date 3/27/2025
Fixed an initialization issue on RH8 and Debian 11.
v4.0
Release date 3/20/2025
Improvements for C/C++ libraries
Utilize PE information to detect DLL/EXE libraries.
Add more signatures for C/C++ libraries.
Support processing CycloneDX file format.
Improve Python detection methods.
v3.1.0
Release date 1/14/2025
Improve license detection.
Better way to handle internal databases.
v3.0
Release date: 11/4/2024
Detect vulnerability for binary C# files.
Support more file types for the other programing languages.
Improve Maven license detection.
Improve engine initialization time.
Improve JAR file detection.
v2.1
Release date: 8/28/2024
Support SPDX and CycloneDX reports (requires MetaDefender Core V5.11.1+).
Fix several issues when running multiple threads.
v2.0
Release date: 7/8/2024
Support license risk detection (requires MetaDefender Core V5.10.1+).
Improve the method to compare package versions.
v1.2.1
Release date: 4/15/2024
Fix initialization failure in non-English environments.
v1.2
Release date: 4/1/2024
Support recursive dependency checks for source code.
Return CWE info.
Detect vulnerabilities in version ranges.
Fix detection issues in case of CRLF line endings.
v1.1.1
Release date: 1/9/2024
Return fixed versions for CVEs.
Support more file names: C/C++ package manager file (
conan.lock)Add package detection for
pom.propertiesand[package_name]-[package-version].jar.
v1.1
Release date: 12/06/2023
Release Linux version
Support log configuration
Improve Node, Python detection
V1.0.6
Release date: 10/25/2023
Improve processing speed.
Enhance tar extraction to get layer ids properly.
V1.0
Release date: 10/9/2023
SBOM engine for MetaDefender Core Windows
Support source code and container scan
Support 11 programming languages