npm Package Vulnerabilities
All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,290 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1,351.h31 CVE
- 1,352.hackmd-mcp1 CVE
- 1,353.haml-coffee1 CVE
- 1,354.handsontable1 CVE
- 1,355.hapi-auth-jwt21 CVE
- 1,356.@hapi/hoek1 CVE
- 1,357.@hapi/inert1 CVE
- 1,358.haxe1 CVE
- 1,359.haxe31 CVE
- 1,360.haxe-dev1 CVE
- 1,361.haxeshim1 CVE
- 1,362.@haxtheweb/iframe-loader1 CVE
- 1,363.hbs1 CVE
- 1,364.hcbserver1 CVE
- 1,365.headless-browser-lite1 CVE
- 1,366.healthcenter1 CVE
- 1,367.hemmelig1 CVE
- 1,368.herbivore1 CVE
- 1,369.heroku-addonpool1 CVE
- 1,370.heroku-env1 CVE
- 1,371.hexo-admin1 CVE
- 1,372.hexo-theme-anzhiyu1 CVE
- 1,373.hfs1 CVE
- 1,374.hftp1 CVE
- 1,375.highlight.js1 CVE
- 1,376.highlight.run1 CVE
- 1,377.hoolock1 CVE
- 1,378.@hoppscotch/cli1 CVE
- 1,379.hosted-git-info1 CVE
- 1,380.hostr1 CVE
- 1,381.hot-formula-parser1 CVE
- 1,382.@hotwired/turbo1 CVE
- 1,383.@hpke/core1 CVE
- 1,384.html2pdf.js1 CVE
- 1,385.html-minifier1 CVE
- 1,386.html-parse-stringify1 CVE
- 1,387.html-parse-stringify21 CVE
- 1,388.html-pdf1 CVE
- 1,389.http-cache-semantics1 CVE
- 1,390.http-proxy1 CVE
- 1,391.http-proxy-agent1 CVE
- 1,392.http-proxy.js1 CVE
- 1,393.http_server1 CVE
- 1,394.http-server-node1 CVE
- 1,395.http-signature1 CVE
- 1,396.https-proxy-agent1 CVE
- 1,397.http_static_simple1 CVE
- 1,398.httpster1 CVE
- 1,399.httpsync1 CVE
- 1,400.hubl-server1 CVE
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →