npm Package Vulnerabilities

All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,276 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 751.@azure/ms-rest-nodeauth1 CVE
  2. 752.babelcli1 CVE
  3. 753.@babel/core1 CVE
  4. 754.@babel/helpers1 CVE
  5. 755.@babel/plugin-transform-modules-systemjs1 CVE
  6. 756.@babel/runtime1 CVE
  7. 757.@babel/runtime-corejs21 CVE
  8. 758.@babel/runtime-corejs31 CVE
  9. 759.@babel/traverse1 CVE
  10. 760.babel-traverse1 CVE
  11. 761.backbone1 CVE
  12. 762.backbone-query-parameters1 CVE
  13. 763.backslash1 CVE
  14. 764.@backstage/backend-app-api1 CVE
  15. 765.@backstage/backend-common1 CVE
  16. 766.@backstage/catalog-model1 CVE
  17. 767.@backstage/cli-common1 CVE
  18. 768.@backstage/core-components1 CVE
  19. 769.@backstage/integration1 CVE
  20. 770.@backstage/plugin-app-backend1 CVE
  21. 771.@backstage/plugin-catalog-backend-module-unprocessed1 CVE
  22. 772.@backstage/plugin-catalog-unprocessed-entities1 CVE
  23. 773.@backstage/plugin-catalog-unprocessed-entities-common1 CVE
  24. 774.@backstage/plugin-permission-backend1 CVE
  25. 775.@backstage/plugin-techdocs1 CVE
  26. 776.badjs-sourcemap-server1 CVE
  27. 777.baileys1 CVE
  28. 778.baobab1 CVE
  29. 779.baremetrics-calendar1 CVE
  30. 780.baryton-saxophone1 CVE
  31. 781.base-x1 CVE
  32. 782.basic-auth-connect1 CVE
  33. 783.bassmaster1 CVE
  34. 784.bcoin1 CVE
  35. 785.bcrypt1 CVE
  36. 786.beautiful-mermaid1 CVE
  37. 787.@beproduct/nestjs-auth1 CVE
  38. 788.bestzip1 CVE
  39. 789.@better-auth/oauth-provider1 CVE
  40. 790.bigint-buffer1 CVE
  41. 791.bignum1 CVE
  42. 792.binary-parser1 CVE
  43. 793.bionode-sra1 CVE
  44. 794.@bit/loader1 CVE
  45. 795.bittorrent-dht1 CVE
  46. 796.bitty1 CVE
  47. 797.bkjs-wand1 CVE
  48. 798.bl1 CVE
  49. 799.@blackprint/engine1 CVE
  50. 800.@blakeembrey/template1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →