Anonymous Intelligence Signal

Vuls Security Scanner Breaks CLI with 'kb' to 'kb-info' Rename, Adds New 'kb-vuln' Command

human The Lab unverified 2026-04-16 08:22:53 Source: GitHub Issues

The Vuls open-source vulnerability scanner has introduced a breaking change to its command-line interface, directly impacting security workflows. The existing `vuls db search kb` subcommand has been renamed to `vuls db search kb-info`. The change is explicitly tagged as a "BREAKING CHANGE": existing scripts and automation that call the old `kb` subcommand, as well as users who type it from muscle memory, will fail until they are updated.

The rename aims to clarify the command's function: `kb-info` now specifically returns knowledge base (KB) metadata, such as Microsoft product information and supersession chains. Alongside this change, a new `kb-vuln` subcommand has been added. This new command provides a direct pipeline from a Microsoft KB ID to associated VulnerabilityData, following the chain: KB ID → Products → Index → RootIDs → VulnerabilityData. This addition potentially streamlines the process of linking patches to specific security flaws.

The update, co-authored by a GitHub Copilot user, signals active development focused on refining data taxonomy and expanding actionable security intelligence. For security teams and DevOps pipelines integrated with Vuls, this mandatory CLI update introduces immediate operational overhead. The change prioritizes long-term clarity and capability over short-term backward compatibility, forcing users to adapt their tooling to maintain scanning automation.
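One way to audit automation for the renamed subcommand before upgrading, as an added example that is not code from the Vuls project: it finds `vuls db search kb` calls where `kb` is a whole token, leaves `kb-info` and `kb-vuln` untouched, and rewrites the stale calls in place. The sample script, the `KB0000000` argument and the function names are constructed for illustration; the argument form of the real subcommands is an assumption.

```shell
#!/bin/sh
# Added example: locate and migrate stale `vuls db search kb` invocations.
# "kb" must be a whole token, so kb-info and kb-vuln never match.
STALE_RE='vuls[[:space:]]+db[[:space:]]+search[[:space:]]+kb([^-[:alnum:]_]|$)'

# find_stale DIR: print file:line:text for each stale invocation under DIR.
find_stale() {
    grep -rnE -- "$STALE_RE" "$1" 2>/dev/null || true
}

# count_stale DIR: number of lines that still use the old subcommand.
count_stale() {
    find_stale "$1" | wc -l | tr -d ' '
}

# migrate_file FILE: rewrite old calls to kb-info, keeping the file's mode.
migrate_file() {
    tmp=$(mktemp) || return 1
    sed -E 's/(vuls[[:space:]]+db[[:space:]]+search[[:space:]]+)kb([^-[:alnum:]_]|$)/\1kb-info\2/g' \
        "$1" > "$tmp" && cat "$tmp" > "$1"; rc=$?
    rm -f "$tmp"; return $rc
}

# migrate_tree DIR: migrate every file under DIR that has a stale call.
migrate_tree() {
    grep -rlE -- "$STALE_RE" "$1" 2>/dev/null | while IFS= read -r f; do
        migrate_file "$f"
    done
}

# make_sample DIR: constructed CI script mixing old and new subcommands.
make_sample() {
    cat > "$1/scan.sh" <<'EOF'
#!/bin/sh
vuls db search kb KB0000000
vuls db search kb-info KB0000000
vuls db search kb-vuln KB0000000
report "$(vuls db search kb)"
EOF
}

demo=$(mktemp -d); make_sample "$demo"
echo "before: $(count_stale "$demo") stale call(s)"; find_stale "$demo"
migrate_tree "$demo"
echo "after:  $(count_stale "$demo") stale call(s)"
rm -rf "$demo"
```

Run `find_stale` on its own first and review the hits, since comments and documentation that mention the old name match as well; `migrate_tree` keeps no backup, so apply it inside version control.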