npm Package Vulnerabilities
All 2,643 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,245 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 651.@adonisjs/lucid1 CVE
- 652.@aedart/support1 CVE
- 653.aerospike1 CVE
- 654.@agenticmail/api1 CVE
- 655.@agenticmail/core1 CVE
- 656.@agenticmail/mcp1 CVE
- 657.ag-grid1 CVE
- 658.@ag-grid-enterprise/charts1 CVE
- 659.ai1 CVE
- 660.@aiondadotcom/mcp-ssh1 CVE
- 661.airbrake1 CVE
- 662.air-sdk1 CVE
- 663.@airvertco/frappejs1 CVE
- 664.@ai-sdk/provider-utils1 CVE
- 665.@akbr/patch-into1 CVE
- 666.@akbr/update1 CVE
- 667.@akoskm/create-mcp-server-stdio1 CVE
- 668.@alexbinary/object-deep-assign1 CVE
- 669.@alizeait/unflatto1 CVE
- 670.@allanlancioni/flatten-json1 CVE
- 671.@almela/obx1 CVE
- 672.altcha1 CVE
- 673.altcha-lib1 CVE
- 674.alto-saxophone1 CVE
- 675.@amoy/common1 CVE
- 676.anchorme1 CVE
- 677.@andrei-tatar/nora-firebase-common1 CVE
- 678.angular-base64-upload1 CVE
- 679.angular-http-server1 CVE
- 680.angular-jwt1 CVE
- 681.angular-redactor1 CVE
- 682.angular-sanitize1 CVE
- 683.angular-server-side-configuration1 CVE
- 684.angular-ui-notification1 CVE
- 685.ansi2html1 CVE
- 686.ansi-html1 CVE
- 687.ansi-regex1 CVE
- 688.ansi_up1 CVE
- 689.@antfu/utils1 CVE
- 690.@anthropic-ai/sandbox-runtime1 CVE
- 691.antsword1 CVE
- 692.@aofl/cli-lib1 CVE
- 693.@apeleghq/asn1-der1 CVE
- 694.apexcharts1 CVE
- 695.apex-publish-static-files1 CVE
- 696.apiconnect-cli-plugins1 CVE
- 697.@apidevtools/json-schema-ref-parser1 CVE
- 698.@apify/actors-mcp-server1 CVE
- 699.api-lab-mcp1 CVE
- 700.apk-parser1 CVE
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →