Ventoy
Live USB bootloader
From Wikipedia, the free encyclopedia
Ventoy is a partially open-source[2][3] utility used for creating bootable USB media storage devices with files such as .iso, .wim, .img, .vhd(x), and .efi. Once Ventoy is installed on a USB drive, new installation files can be added without reformatting.[4][5][6] Ventoy presents the user with a boot menu to select one of the installation files held on the USB drive.
(23 April 2026) [±]| Ventoy | |
|---|---|
Ventoy 1.0.54 | |
| Developer | Hailong Sun (aka longpanda) |
| Initial release | 5 April 2020 |
| Stable release | 1.1.12[1] (23 April 2026) [±] |
| Operating system | Cross-platform (Windows, Linux) |
| License | GPLv3+ License (partial) |
| Website | www |
| Repository | |
Features
Ventoy can be installed on a USB flash drive, local disk, solid-state drive (SSD, NVMe), or SD card and directly boots from the selected .iso, .wim, .img, .vhd(x), or .efi file(s) added. Ventoy does not extract the image file(s) to the USB drive, but uses them directly, as it can unzip during installation. It is possible to place multiple ISO images on a single device and select the image to boot from the menu displayed just after Ventoy boots.
MBR and GPT partition styles, x86 Legacy BIOS and various UEFI boot methods (including persistence) are supported. ISO files larger than 4 GB can be used. Ventoy supports various operating system boot and installation ISO files, including Windows 7 and later, Debian, Ubuntu, CentOS, Red Hat Enterprise Linux (RHEL), Fedora and more than a hundred other Linux distributions; various Unix releases, VMware, Citrix XenServer, etc. have also been tested.[7] Ventoy isn't recommended on the openSUSE wiki due to reports of boot issues.[8]
Binary blob controversy
Ventoy claims[9] to be an open source software and is hosted in a GitHub open-source repository.[10] However, concerns have been repeatedly raised in various computing-related blogs[11][12][13][14][15][16] and forums[17][18][19][20][21][22][23][24][25][26] regarding the fact that source code tree contains a large number of pre-compiled blobs (binary executable files) of unknown origin, which makes it difficult or impossible to audit the content of the software and verify that no malicious payloads (e.g. backdoors) are being delivered. Additional concerns were raised in the same blogs and forums that the software appears to originate from China, that the software author has not responded to the concerns over the blobs for several years, that the identity of the author cannot be exactly established and that distribution of blobs without the corresponding source code could be a violation of GPLv3+ license the software claims to adhere to. Parallels have been drawn to recent vulnerabilities discovered in XZ Utils software.[21] As of 7 May 2025, the author of the project has responded[18] to the concerns over the blobs. Critics, however, point out that the response was limited to merely listing all the blobs along with build instructions, which other open source community members found very convoluted and difficult to reproduce[12][22].
