Vulnerability analysis on the Unjaya Repository website uses the ISSAF method for identifying and grouping identified vulnerabilities.. The purpose is to provide an in-depth understanding of the vulnerabilities that exist on the Repository site as a basis for the corrective steps needed to reduce security risks. The methods are information gathering, network mapping, vulnerability exposure, vulnerability grouping, IP addresses, active ports. Scanning using Nikto Scanner and Helium Security, 24 vulnerabilities detected in four levels, namely high, medium, low and informational. The results found at a high level of vulnerability in the form of disclosure of PII, at a medium level such as the absence of an Anti-CSRF Token, at a low level such as Application Error Disclosure, and at an information level such as Authentication Request Identified. This proves that there is a significant potential risk to the security of the Unjaya Repository site.