npm Package Vulnerabilities
All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,285 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1,001.curljs1 CVE
- 1,002.curlrequest1 CVE
- 1,003.curly-bracket-parser1 CVE
- 1,004.curses1 CVE
- 1,005.@curveball/a12n-server1 CVE
- 1,006.@cyanheads/git-mcp-server1 CVE
- 1,007.cyber-js1 CVE
- 1,008.cycle-import-check1 CVE
- 1,009.@cyclonedx/cdxgen1 CVE
- 1,010.@cyclonedx/cyclonedx-library1 CVE
- 1,011.@cyclonedx/cyclonedx-npm1 CVE
- 1,012.@cyntler/react-doc-viewer1 CVE
- 1,013.@cypress/request1 CVE
- 1,014.cypserver1 CVE
- 1,015.d3.js1 CVE
- 1,016.@dadigua/hyperchat1 CVE
- 1,017.dalek-browser-chrome1 CVE
- 1,018.dalek-browser-chrome-canary1 CVE
- 1,019.dalek-browser-ie1 CVE
- 1,020.dalek-browser-ie-canary1 CVE
- 1,021.@dapperduckling/keycloak-connector-server1 CVE
- 1,022.dasafio1 CVE
- 1,023.dash-core-components1 CVE
- 1,024.dash-html-components1 CVE
- 1,025.datachannel-client1 CVE
- 1,026.datatables1 CVE
- 1,027.date-and-time1 CVE
- 1,028.dat.gui1 CVE
- 1,029.dawnsparks-node-tesseract1 CVE
- 1,030.dbgate1 CVE
- 1,031.dbgate-serve1 CVE
- 1,032.dcdcdcdcdc1 CVE
- 1,033.@dcl/single-sign-on-client1 CVE
- 1,034.dcserver1 CVE
- 1,035.deap1 CVE
- 1,036.decamelize1 CVE
- 1,037.decap-cms1 CVE
- 1,038.decode-uri-component1 CVE
- 1,039.decompress1 CVE
- 1,040.dectalk-tts1 CVE
- 1,041.deep.assign1 CVE
- 1,042.deep-defaults1 CVE
- 1,043.deep-extend1 CVE
- 1,044.deeply1 CVE
- 1,045.deepmergefn1 CVE
- 1,046.deepmerge-ts1 CVE
- 1,047.deep-object-diff1 CVE
- 1,048.deep-override1 CVE
- 1,049.deep-parse-json1 CVE
- 1,050.deepref1 CVE
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →