
OWASP CVE Lite CLI scans dependencies for known vulnerabilities

CVE Lite CLI is an open-source security scanner from OWASP that audits project dependencies for known vulnerabilities using parallel OSV queries. The tool features a 30-minute query cache, transitive dependency path reconstruction for yarn.lock, and a --no-cache flag for fresh scans. It integrates into CI/CD as a GitHub Action and recently hardened its workflows against CVE-2025-30066 by enforcing least-privilege token permissions.
