npm Package Vulnerabilities
All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,276 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 751.@azure/ms-rest-nodeauth1 CVE
- 752.babelcli1 CVE
- 753.@babel/core1 CVE
- 754.@babel/helpers1 CVE
- 755.@babel/plugin-transform-modules-systemjs1 CVE
- 756.@babel/runtime1 CVE
- 757.@babel/runtime-corejs21 CVE
- 758.@babel/runtime-corejs31 CVE
- 759.@babel/traverse1 CVE
- 760.babel-traverse1 CVE
- 761.backbone1 CVE
- 762.backbone-query-parameters1 CVE
- 763.backslash1 CVE
- 764.@backstage/backend-app-api1 CVE
- 765.@backstage/backend-common1 CVE
- 766.@backstage/catalog-model1 CVE
- 767.@backstage/cli-common1 CVE
- 768.@backstage/core-components1 CVE
- 769.@backstage/integration1 CVE
- 770.@backstage/plugin-app-backend1 CVE
- 771.@backstage/plugin-catalog-backend-module-unprocessed1 CVE
- 772.@backstage/plugin-catalog-unprocessed-entities1 CVE
- 773.@backstage/plugin-catalog-unprocessed-entities-common1 CVE
- 774.@backstage/plugin-permission-backend1 CVE
- 775.@backstage/plugin-techdocs1 CVE
- 776.badjs-sourcemap-server1 CVE
- 777.baileys1 CVE
- 778.baobab1 CVE
- 779.baremetrics-calendar1 CVE
- 780.baryton-saxophone1 CVE
- 781.base-x1 CVE
- 782.basic-auth-connect1 CVE
- 783.bassmaster1 CVE
- 784.bcoin1 CVE
- 785.bcrypt1 CVE
- 786.beautiful-mermaid1 CVE
- 787.@beproduct/nestjs-auth1 CVE
- 788.bestzip1 CVE
- 789.@better-auth/oauth-provider1 CVE
- 790.bigint-buffer1 CVE
- 791.bignum1 CVE
- 792.binary-parser1 CVE
- 793.bionode-sra1 CVE
- 794.@bit/loader1 CVE
- 795.bittorrent-dht1 CVE
- 796.bitty1 CVE
- 797.bkjs-wand1 CVE
- 798.bl1 CVE
- 799.@blackprint/engine1 CVE
- 800.@blakeembrey/template1 CVE
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →