diff --git a/Makefile b/Makefile
index 5d286735..37f72ed8 100644
--- a/Makefile
+++ b/Makefile
@@ -328,13 +328,6 @@ lint-bug-report:
lint-bug-report-preview:
python3 utils/validate_bug_report_file.py --file "internal/frontend/bridge-gui/bridge-gui/qml/Resources/bug_report_flow.json" --preview
-gobinsec: gobinsec-cache.yml build
- gobinsec -wait -cache -config utils/gobinsec_conf.yml ${EXE_TARGET} ${DEPLOY_DIR}/${TARGET_OS}/${LAUNCHER_EXE}
-
-gobinsec-cache.yml:
- ./utils/gobinsec_update.sh
- cp ./utils/gobinsec_update/gobinsec-cache-valid.yml ./gobinsec-cache.yml
-
updates: install-go-mod-outdated
# Uncomment the "-ci" to fail the job if something can be updated.
go list -u -m -json all | go-mod-outdated -update -direct #-ci
diff --git a/ci/test.yml b/ci/test.yml
index 1b3089c5..9afa3b01 100644
--- a/ci/test.yml
+++ b/ci/test.yml
@@ -107,3 +107,18 @@ test-coverage:
coverage_report:
coverage_format: cobertura
path: coverage.xml
+
+go-vuln-check:
+ extends:
+ - .rules-branch-manual-MR-and-devel-always
+ stage: test
+ tags:
+ - shared-medium
+ script:
+ - apt-get -y install jq
+ - ./utils/govulncheck.sh
+ artifacts:
+ when: always
+ paths:
+ - vulns*
+
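Review bot: The `apt-get -y install jq` line at the top of `script:` runs without refreshing the package index first, so on an image whose apt lists are absent or stale it can fail or install an older build; `apt-get update && apt-get -y install jq` is the safer form. The job then delegates to `./utils/govulncheck.sh`, which (from the sibling hunk) fetches govulncheck from the Go proxy at run time, so network egress to the proxy and to the vulnerability database is a hard dependency of this stage rather than something the job can skip — worth stating in a comment on the job, e.g. `# needs network access: installs jq and govulncheck, queries vuln.go.dev`. Leaving `allow_failure` unset means a newly published advisory blocks unrelated MRs until it is fixed or added to the ignore list in the script; if that gating is intended it deserves the same comment.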
diff --git a/utils/gobinsec_conf.yml b/utils/gobinsec_conf.yml
deleted file mode 100644
index 4b0d0382..00000000
--- a/utils/gobinsec_conf.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-
-wait: true
-strict: true
-
-file:
- name: "./gobinsec-cache.yml"
- expiration: "24h"
-
-ignore:
- # golang.org/x/net wrong match, we are using v0.1.0, fixed by 37e1c6af in v0.0.xxx
- - "CVE-2021-33194"
- # golang.org/x/crypto wrong match, we are using v0.1.0 all of this have been fixed in vO.O.xx
- - "CVE-2019-11840"
- - "CVE-2020-29652"
- - "CVE-2021-43565"
- - "CVE-2022-27191"
- - "CVE-2020-9283"
- - "CVE-2017-3204"
- # golang.org/x/text wrong match, we are using v0.4.0, fixed in a previous version
- - "CVE-2020-14040"
diff --git a/utils/gobinsec_update.sh b/utils/gobinsec_update.sh
deleted file mode 100755
index 35532a85..00000000
--- a/utils/gobinsec_update.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-
-# Copyright (c) 2023 Proton AG
-#
-# This file is part of Proton Mail Bridge.
-#
-# Proton Mail Bridge is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Proton Mail Bridge is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Proton Mail Bridge. If not, see .
-
-cd "$(\
- cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd \
- )"/gobinsec_update || exit 1
-
-for i in $(seq 10); do
- echo "Trying $i"
- if make run; then
- echo "Try $i succeeded"
- break
- fi
- echo "Waiting to try again..."
- sleep 30
-done
diff --git a/utils/gobinsec_update/Makefile b/utils/gobinsec_update/Makefile
deleted file mode 100644
index 32303470..00000000
--- a/utils/gobinsec_update/Makefile
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-run:
- FILECACHE_FILE=gobinsec-cache-valid.yml \
- FILECACHE_EXPIRATION=1h \
- go run main.go
diff --git a/utils/gobinsec_update/go.mod b/utils/gobinsec_update/go.mod
deleted file mode 100644
index e44f98f6..00000000
--- a/utils/gobinsec_update/go.mod
+++ /dev/null
@@ -1,15 +0,0 @@
-module gobinsec_update
-
-go 1.18
-
-require github.com/intercloud/gobinsec v0.10.2
-
-require (
- github.com/bradfitz/gomemcache v0.0.0-20220106215444-fb4bf637b56d // indirect
- github.com/fatih/color v1.13.0 // indirect
- github.com/mattn/go-colorable v0.1.13 // indirect
- github.com/mattn/go-isatty v0.0.16 // indirect
- github.com/memcachier/gomemcache v0.0.0-20170425125614-d027381f7653 // indirect
- golang.org/x/sys v0.1.0 // indirect
- gopkg.in/yaml.v3 v3.0.1 // indirect
-)
diff --git a/utils/gobinsec_update/go.sum b/utils/gobinsec_update/go.sum
deleted file mode 100644
index 9d37fe33..00000000
--- a/utils/gobinsec_update/go.sum
+++ /dev/null
@@ -1,33 +0,0 @@
-github.com/bradfitz/gomemcache v0.0.0-20220106215444-fb4bf637b56d h1:pVrfxiGfwelyab6n21ZBkbkmbevaf+WvMIiR7sr97hw=
-github.com/bradfitz/gomemcache v0.0.0-20220106215444-fb4bf637b56d/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
-github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
-github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/intercloud/gobinsec v0.10.2 h1:4L2d4SaIqlHnUQ6Hlg1E51dqUg4jK+TpSILVTHaEvx4=
-github.com/intercloud/gobinsec v0.10.2/go.mod h1:Y/AMKT0aQM40WDkTqlEe18W/IL6ZUuuJjdOXdayi+CI=
-github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
-github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40=
-github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
-github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
-github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
-github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
-github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
-github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
-github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ=
-github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/memcachier/gomemcache v0.0.0-20170425125614-d027381f7653 h1:222emoxOt/bCmNHp8Xt0Pr5Am3gIbqRKFpb4CQ9O2SI=
-github.com/memcachier/gomemcache v0.0.0-20170425125614-d027381f7653/go.mod h1:KoYVbOQexD45AOLfn+gsFB6c3o4ANzP1QKzjE6tZbK0=
-golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220422013727-9388b58f7150 h1:xHms4gcpe1YE7A3yIllJXP16CMAGuqwO2lX1mTyyRRc=
-golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
-golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/utils/gobinsec_update/main.go b/utils/gobinsec_update/main.go
deleted file mode 100644
index 83a1056b..00000000
--- a/utils/gobinsec_update/main.go
+++ /dev/null
@@ -1,76 +0,0 @@
-// Copyright (c) 2023 Proton AG
-//
-// This file is part of Proton Mail Bridge.
-//
-// Proton Mail Bridge is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// Proton Mail Bridge is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with Proton Mail Bridge. If not, see
-
-package main
-
-import (
- "fmt"
- "io/ioutil"
- "regexp"
- "strings"
-
- "github.com/intercloud/gobinsec/gobinsec"
-)
-
-type Depend struct {
- Name string
- Version string
-}
-
-func loadDependencies(file string) []Depend {
- var dependencies []Depend
- txt, err := ioutil.ReadFile(file)
- if err != nil {
- return dependencies
- }
- re := regexp.MustCompile(`\t[a-zA-Z0-9-\/\.]* v.*`)
- matches := re.FindAllString(string(txt), -1)
- for _, str := range matches {
- withoutTab := strings.Split(str, "\t")
- split := strings.Split(withoutTab[1], " ")
- dependencies = append(dependencies, Depend{split[0], split[1]})
- }
- return dependencies
-}
-
-func main() {
- dependencies := loadDependencies("../../go.mod")
-
- if err := gobinsec.LoadConfig("", true, true, true, true); err != nil {
- panic(err)
- }
-
- if err := gobinsec.BuildCache(); err != nil {
- panic(err)
- }
-
- for _, dep := range dependencies {
- fmt.Println("... Checking " + dep.Name + " " + dep.Version)
- dep, err := gobinsec.NewDependency(dep.Name, dep.Version)
- if err != nil {
- panic(err)
- }
-
- if err := dep.LoadVulnerabilities(); err != nil {
- panic(err)
- }
-
- if err := gobinsec.CacheInstance.Close(); err != nil {
- panic(err)
- }
- }
-}
diff --git a/utils/govulncheck.sh b/utils/govulncheck.sh
new file mode 100755
index 00000000..524e1992
--- /dev/null
+++ b/utils/govulncheck.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2023 Proton AG
+#
+# This file is part of Proton Mail Bridge.
+#
+# Proton Mail Bridge is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Proton Mail Bridge is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Proton Mail Bridge. If not, see .
+
+
+set -eo pipefail
+
+main(){
+ go install golang.org/x/vuln/cmd/govulncheck@latest
+ make gofiles
+ govulncheck -json ./... > vulns.json
+
+ jq -r '.osv.id | select( . != null )' < vulns.json > vulns_osv_ids.txt
+
+ ignore GO-2023-2102 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-2043 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-2041 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-1878 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-1987 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-1840 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-2185 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-2186 "GODT-3160 update go to 1.21.4"
+ ignore GO-2023-2328 "GODT-3124 RESTY race condition"
+
+ has_vulns
+
+ echo
+ echo "No new vulnerabilities found."
+}
+
+ignore(){
+ echo "ignoring $1 fix: $2"
+ cp vulns_osv_ids.txt tmp
+ grep -v "$1" < tmp > vulns_osv_ids.txt || true
+ rm tmp
+}
+
+has_vulns(){
+ has=false
+ while read -r osv; do
+ jq \
+ --arg osvid "$osv" \
+ '.osv | select ( .id == $osvid) | {"id":.id, "ranges": .affected[0].ranges, "import": .affected[0].ecosystem_specific.imports[0].path}' \
+ < vulns.json
+ has=true
+ done < vulns_osv_ids.txt
+
+ if [ "$has" == true ]; then
+ echo
+ echo "Vulnerability found"
+ return 1
+ fi
+}
+
+main
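Review bot: `ignore` filters with an unanchored `grep -v "$1"`, so an ignored ID is matched as a substring and a pattern such as `GO-2023-1840` would also suppress any longer ID that contains it; the safer call is `grep -vxF -- "$1" < tmp > vulns_osv_ids.txt || true`, matching the whole line as a fixed string. `go install golang.org/x/vuln/cmd/govulncheck@latest` in `main` pulls an unpinned tool into a job that gates merges, which makes the result non-reproducible and lets a future govulncheck release change the JSON shape that `jq` parses; pin it to a tagged version (`@<pinned version>`) and bump deliberately. The `jq -r '.osv.id | select(. != null)'` extraction treats every OSV entry in the stream as a finding, which I believe is more conservative than govulncheck's own call-graph verdict — if that is intended, a one-line comment above it (`# fail on any advisory affecting a module in the graph, not only on reachable calls`) would save the next reader the check. A fixed `tmp` file name in `ignore` is also fragile if two invocations share a working directory; `mktemp` or an in-place `grep -vxF -- "$1" vulns_osv_ids.txt > vulns_osv_ids.txt.new && mv vulns_osv_ids.txt.new vulns_osv_ids.txt` avoids it.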