npm Package Vulnerabilities

All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,286 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 1,101.@duckdb/duckdb-wasm1 CVE
  2. 1,102.@duckdb/node-api1 CVE
  3. 1,103.@duckdb/node-bindings1 CVE
  4. 1,104.dustjs-linkedin1 CVE
  5. 1,105.dwebp-bin1 CVE
  6. 1,106.dylmomo1 CVE
  7. 1,107.dynamoose1 CVE
  8. 1,108.dynoxide1 CVE
  9. 1,109.earlybird1 CVE
  10. 1,110.easyquick1 CVE
  11. 1,111.easy-static-server1 CVE
  12. 1,112.@easy-team/easywebpack-cli1 CVE
  13. 1,113.eazy-logger1 CVE
  14. 1,114.ebay-mcp1 CVE
  15. 1,115.ecdh1 CVE
  16. 1,116.edge.js1 CVE
  17. 1,117.@editorjs/editorjs1 CVE
  18. 1,118.effect1 CVE
  19. 1,119.egg-scripts1 CVE
  20. 1,120.@eivifj/dot1 CVE
  21. 1,121.elding1 CVE
  22. 1,122.@electron/packager1 CVE
  23. 1,123.electron-packager1 CVE
  24. 1,124.electron-pdf1 CVE
  25. 1,125.electron-updater1 CVE
  26. 1,126.@element-hq/element-call-embedded1 CVE
  27. 1,127.@elgentos/magento2-dev-mcp1 CVE
  28. 1,128.@elysiajs/cors1 CVE
  29. 1,129.email-existence1 CVE
  30. 1,130.embedza1 CVE
  31. 1,131.@enclave-vm/core1 CVE
  32. 1,132.@enderfga/claw-orchestrator1 CVE
  33. 1,133.engine.io-client1 CVE
  34. 1,134.enpeem1 CVE
  35. 1,135.@ensdomains/ens1 CVE
  36. 1,136.@ensdomains/ens-contracts1 CVE
  37. 1,137.enserver1 CVE
  38. 1,138.ep_etherpad-lite1 CVE
  39. 1,139.epiceditor1 CVE
  40. 1,140.epubjs1 CVE
  41. 1,141.error-ex1 CVE
  42. 1,142.es5-ext1 CVE
  43. 1,143.es6-crawler-detect1 CVE
  44. 1,144.eslint1 CVE
  45. 1,145.eslint-config-prettier1 CVE
  46. 1,146.eslint-detailed-reporter1 CVE
  47. 1,147.eslint-fixer1 CVE
  48. 1,148.@eslint/plugin-kit1 CVE
  49. 1,149.eslint-plugin-prettier1 CVE
  50. 1,150.eslint-utils1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →