Govulncheck reports known vulnerabilities that affect Go code.

It uses static analysis or a binary's symbol table to narrow down reports to only those that potentially affect the application.

For more information about the API behind govulncheck, see https://go.dev/security/vulncheck.