npm Package Vulnerabilities

All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,280 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 801.@blakeembrey/template1 CVE
  2. 802.Blink1Control21 CVE
  3. 803.blinksocks1 CVE
  4. 804.blitz1 CVE
  5. 805.blueimp-file-upload1 CVE
  6. 806.bn.js1 CVE
  7. 807.body-parser-xml1 CVE
  8. 808.bootbox1 CVE
  9. 809.bootstrap-multiselect1 CVE
  10. 810.bootstrap-select1 CVE
  11. 811.bostr1 CVE
  12. 812.botbait1 CVE
  13. 813.botframework-connector1 CVE
  14. 814.bower1 CVE
  15. 815.box2d-native1 CVE
  16. 816.bracket-template1 CVE
  17. 817.braft-editor1 CVE
  18. 818.@brikcss/merge1 CVE
  19. 819.broccoli-closure1 CVE
  20. 820.broccoli-compass1 CVE
  21. 821.browserify-hmr1 CVE
  22. 822.browserify-sign1 CVE
  23. 823.browserless-chrome1 CVE
  24. 824.browserslist1 CVE
  25. 825.browserstack-local1 CVE
  26. 826.bsock1 CVE
  27. 827.bson-objectid1 CVE
  28. 828.@bsv/sdk1 CVE
  29. 829.@budibase/bbui1 CVE
  30. 830.@budibase/builder1 CVE
  31. 831.bun1 CVE
  32. 832.buns1 CVE
  33. 833.@bunt/app1 CVE
  34. 834.buttercms1 CVE
  35. 835.buttercup1 CVE
  36. 836.bwm-ng1 CVE
  37. 837.byucslabsix1 CVE
  38. 838.calipso1 CVE
  39. 839.call1 CVE
  40. 840.calmquist.static-server1 CVE
  41. 841.canvas1 CVE
  42. 842.canvg1 CVE
  43. 843.caolilinode1 CVE
  44. 844.@capgo/capacitor-native-biometric1 CVE
  45. 845.@capgo/cli1 CVE
  46. 846.@cap-js/db-service1 CVE
  47. 847.@cap-js/postgres1 CVE
  48. 848.@cap-js/sqlite1 CVE
  49. 849.carbone1 CVE
  50. 850.@casl/ability1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →