npm Package Vulnerabilities

All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,284 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 901.@clerk/chrome-extension1 CVE
  2. 902.@clerk/clerk-expo1 CVE
  3. 903.@clerk/clerk-js1 CVE
  4. 904.@clerk/clerk-react1 CVE
  5. 905.@clerk/expo1 CVE
  6. 906.@clerk/react1 CVE
  7. 907.@clerk/remix1 CVE
  8. 908.@clerk/vue1 CVE
  9. 909.clevertap-cordova1 CVE
  10. 910.cli1 CVE
  11. 911.@clickbar/dot-diver1 CVE
  12. 912.client-certificate-auth1 CVE
  13. 913.cline1 CVE
  14. 914.closurecompiler1 CVE
  15. 915.closure-compiler-stream1 CVE
  16. 916.closure-util1 CVE
  17. 917.@cloudflare/vite-plugin1 CVE
  18. 918.cloudinary1 CVE
  19. 919.cloudpub-redis1 CVE
  20. 920.cmake1 CVE
  21. 921.cobalt-cli1 CVE
  22. 922.co-cli-installer1 CVE
  23. 923.cocotais-bot1 CVE
  24. 924.codeceptjs1 CVE
  25. 925.codemirror1 CVE
  26. 926.codem-transcode1 CVE
  27. 927.@coding-solo/godot-mcp1 CVE
  28. 928.cofeescript1 CVE
  29. 929.cofee-script1 CVE
  30. 930.coffescript1 CVE
  31. 931.coffe-script1 CVE
  32. 932.collection.js1 CVE
  33. 933.color1 CVE
  34. 934.color-convert1 CVE
  35. 935.color-name1 CVE
  36. 936.colors1 CVE
  37. 937.comb1 CVE
  38. 938.commandkit1 CVE
  39. 939.commentapp.stetsonwood1 CVE
  40. 940.commonregex1 CVE
  41. 941.compass-compile1 CVE
  42. 942.compile-sass1 CVE
  43. 943.component-flatten1 CVE
  44. 944.conf-cfg-ini1 CVE
  45. 945.config-handler1 CVE
  46. 946.config-shield1 CVE
  47. 947.confinit1 CVE
  48. 948.@conform-to/dom1 CVE
  49. 949.@conform-to/yup1 CVE
  50. 950.@conform-to/zod1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →