npm Package Vulnerabilities

All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,286 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 1,051.deeps1 CVE
  2. 1,052.deep-set1 CVE
  3. 1,053.@deepstream/server1 CVE
  4. 1,054.deferred-exec1 CVE
  5. 1,055.defu1 CVE
  6. 1,056.degenerator1 CVE
  7. 1,057.@delmaredigital/payload-puck1 CVE
  8. 1,058.deobfuscator1 CVE
  9. 1,059.depath1 CVE
  10. 1,060.desafio1 CVE
  11. 1,061.devcert-sanscache1 CVE
  12. 1,062.@developer.notchatbot/webchat1 CVE
  13. 1,063.@devicefarmer/stf1 CVE
  14. 1,064.dexie1 CVE
  15. 1,065.@dfinity/auth-client1 CVE
  16. 1,066.@dfinity/identity1 CVE
  17. 1,067.dgard8.lab61 CVE
  18. 1,068.dicer1 CVE
  19. 1,069.@diez/generation1 CVE
  20. 1,070.diff1 CVE
  21. 1,071.@digitalbazaar/zcap1 CVE
  22. 1,072.@digitalocean/do-markdownit1 CVE
  23. 1,073.@diplodoc/search-extension1 CVE
  24. 1,074.@dirac-grid/diracx-web-components1 CVE
  25. 1,075.@directus/env1 CVE
  26. 1,076.@directus/types1 CVE
  27. 1,077.discordi.js1 CVE
  28. 1,078.diskusage-ng1 CVE
  29. 1,079.djv1 CVE
  30. 1,080.djvalidator1 CVE
  31. 1,081.dmmcquay.lab61 CVE
  32. 1,082.dns-packet1 CVE
  33. 1,083.docker-compose-remote-api1 CVE
  34. 1,084.docker-tester1 CVE
  35. 1,085.doc-path1 CVE
  36. 1,086.docsgpt1 CVE
  37. 1,087.docusaurus-plugin-content-gists1 CVE
  38. 1,088.domain-suffix1 CVE
  39. 1,089.dom-expressions1 CVE
  40. 1,090.dom-iterator1 CVE
  41. 1,091.dot1 CVE
  42. 1,092.dot-lens1 CVE
  43. 1,093.dot-notes1 CVE
  44. 1,094.dot-object1 CVE
  45. 1,095.dot-prop1 CVE
  46. 1,096.dottie1 CVE
  47. 1,097.dref1 CVE
  48. 1,098.drizzle-orm1 CVE
  49. 1,099.dssrf1 CVE
  50. 1,100.duckdb1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →