npm Package Vulnerabilities

All 2,647 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,290 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 1,451.irrelon-path1 CVE
  2. 1,452.@isaacs/brace-expansion1 CVE
  3. 1,453.is-arrayish1 CVE
  4. 1,454.is-email1 CVE
  5. 1,455.is-http21 CVE
  6. 1,456.is_js1 CVE
  7. 1,457.isomorphic-git1 CVE
  8. 1,458.@isomorphic-git/cors-proxy1 CVE
  9. 1,459.is-url1 CVE
  10. 1,460.is-user-valid1 CVE
  11. 1,461.iter-http1 CVE
  12. 1,462.iter-server1 CVE
  13. 1,463.izimodal1 CVE
  14. 1,464.jadedown1 CVE
  15. 1,465.jailed1 CVE
  16. 1,466.jansenstuffpleasework1 CVE
  17. 1,467.jdf-sass1 CVE
  18. 1,468.jikes1 CVE
  19. 1,469.@jitbit/htmlsanitizer1 CVE
  20. 1,470.jn_jj_server1 CVE
  21. 1,471.@joeattardi/emoji-button1 CVE
  22. 1,472.joi1 CVE
  23. 1,473.@joplin/onenote-converter1 CVE
  24. 1,474.jplayer1 CVE
  25. 1,475.jquery-bbq1 CVE
  26. 1,476.jquery-deparam1 CVE
  27. 1,477.jqueryfiletree1 CVE
  28. 1,478.jquery.js1 CVE
  29. 1,479.jquery.json-viewer1 CVE
  30. 1,480.jquery-query-object1 CVE
  31. 1,481.jquery.terminal1 CVE
  32. 1,482.jquey1 CVE
  33. 1,483.js-cookie1 CVE
  34. 1,484.jscover1 CVE
  35. 1,485.js-deobfuscator1 CVE
  36. 1,486.jsen1 CVE
  37. 1,487.jser-stat1 CVE
  38. 1,488.js-extend1 CVE
  39. 1,489.js-given1 CVE
  40. 1,490.jsgui-lang-essentials1 CVE
  41. 1,491.jshamcrest1 CVE
  42. 1,492.js-ini1 CVE
  43. 1,493.json1 CVE
  44. 1,494.json51 CVE
  45. 1,495.json81 CVE
  46. 1,496.json8-merge-patch1 CVE
  47. 1,497.jsonata1 CVE
  48. 1,498.json-bigint1 CVE
  49. 1,499.jsondiffpatch1 CVE
  50. 1,500.json-logic-js1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →