cyclonedx2report
CycloneDX • SBOM • HTML Report

cyclonedx2report

Turn a CycloneDX JSON SBOM into a beautiful, interactive report with summary KPIs, dependency flow visualization, components insights, and vulnerability impact analysis.

Try out GitHub

Interactive report

Get Sankey dependency flow plus filterable components and vulnerabilities tables.

Client-side only

Works directly in the browser with no backend required.

Template support

Use built-in dark/light templates in CLI or customize your own HTML template.

Click Try out to open the converter page and generate your report in a new tab.

Try it here

Generate the report directly from this page by uploading a CycloneDX JSON file.

Ready.

Why teams use it

A lightweight way to transform SBOM JSON into a readable, presentation-ready report for security and engineering reviews.

  • Highlights security posture quickly with vulnerability severity distribution.
  • Shows dependency relationships in a clear Sankey flow.
  • Surfaces direct and transitive impact for faster triage.
  • Runs client-side in the browser, with no backend required.
Output
Interactive HTML
Runtime
Browser only
Input
CycloneDX JSON
Sharing
Open in new tab

How it works

Three simple steps from SBOM upload to visual report.

1

Upload SBOM

Select your CycloneDX JSON file from your local machine.

2

Choose template

Pick light or dark mode and optionally add a custom report title.

3

Review report

The generated report opens in a new tab with filters and charts ready.

FAQ

Does this upload my SBOM anywhere?

No. The conversion flow runs in your browser and the file stays local during processing.

Can I customize report style?

Yes. Choose a built-in template and also customize the title before generating the report.

What if the generated tab does not open?

Allow pop-ups for this site and generate again; the report opens in a new browser tab.