npm Package Vulnerabilities

All 2,643 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,245 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 551.pug2 CVEs
  2. 552.pug-code-gen2 CVEs
  3. 553.putil-merge2 CVEs
  4. 554.querymen2 CVEs
  5. 555.quill2 CVEs
  6. 556.react-dev-utils2 CVEs
  7. 557.react-draft-wysiwyg2 CVEs
  8. 558.realms-shim2 CVEs
  9. 559.@remix-run/react2 CVEs
  10. 560.remotion2 CVEs
  11. 561.replicator2 CVEs
  12. 562.request2 CVEs
  13. 563.reveal.js2 CVEs
  14. 564.rollbar2 CVEs
  15. 565.rollup2 CVEs
  16. 566.rollup-plugin-server2 CVEs
  17. 567.rwsdk2 CVEs
  18. 568.schema-inspector2 CVEs
  19. 569.scratch-svg-renderer2 CVEs
  20. 570.sds2 CVEs
  21. 571.semantic-release2 CVEs
  22. 572.semver2 CVEs
  23. 573.semver-regex2 CVEs
  24. 574.@sentry/astro2 CVEs
  25. 575.@sentry/nextjs2 CVEs
  26. 576.serialize-to-js2 CVEs
  27. 577.serve-lite2 CVEs
  28. 578.serve-static2 CVEs
  29. 579.ses2 CVEs
  30. 580.set-value2 CVEs
  31. 581.shiba2 CVEs
  32. 582.simditor2 CVEs
  33. 583.snyk-gradle-plugin2 CVEs
  34. 584.socket.io-file2 CVEs
  35. 585.sockjs2 CVEs
  36. 586.@solana/web3.js2 CVEs
  37. 587.sqlite32 CVEs
  38. 588.squirrelly2 CVEs
  39. 589.ssrfcheck2 CVEs
  40. 590.ssri2 CVEs
  41. 591.st2 CVEs
  42. 592.statics-server2 CVEs
  43. 593.status-board2 CVEs
  44. 594.storybook2 CVEs
  45. 595.@strapi/database2 CVEs
  46. 596.@strikeentco/set2 CVEs
  47. 597.summernote2 CVEs
  48. 598.@sveltejs/adapter-node2 CVEs
  49. 599.@sync-in/server2 CVEs
  50. 600.@theia/ai-ide2 CVEs

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →