npm Package Vulnerabilities
All 2,648 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,338 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1,951.parse-ini1 CVE
- 1,952.parsejson1 CVE
- 1,953.parse-link-header1 CVE
- 1,954.parse-nested-form-data1 CVE
- 1,955.parse-path1 CVE
- 1,956.parse-server-push-adapter1 CVE
- 1,957.parseuri1 CVE
- 1,958.parse-uri1 CVE
- 1,959.passbolt-browser-extension1 CVE
- 1,960.passport1 CVE
- 1,961.passport-azure-ad1 CVE
- 1,962.passport-oauth21 CVE
- 1,963.passport-sharepoint1 CVE
- 1,964.patchmerge1 CVE
- 1,965.path-parse1 CVE
- 1,966.path-sanitizer1 CVE
- 1,967.pathval1 CVE
- 1,968.@payloadcms/drizzle1 CVE
- 1,969.@payloadcms/storage-azure1 CVE
- 1,970.@payloadcms/storage-gcs1 CVE
- 1,971.@payloadcms/storage-r21 CVE
- 1,972.@payloadcms/storage-s31 CVE
- 1,973.paypal-adaptive1 CVE
- 1,974.paypal-ipn1 CVE
- 1,975.pdfinfojs1 CVE
- 1,976.@pdfme/common1 CVE
- 1,977.peertube1 CVE
- 1,978.@peertube/embed-api1 CVE
- 1,979.peiserver1 CVE
- 1,980.pekeupload1 CVE
- 1,981.@pendo324/get-process-by-name1 CVE
- 1,982.pennyworth1 CVE
- 1,983.@penpot/mcp1 CVE
- 1,984.pepr1 CVE
- 1,985.pg1 CVE
- 1,986.pg-native1 CVE
- 1,987.pg-promise1 CVE
- 1,988.@phala/dcap-qvl1 CVE
- 1,989.@phala/dcap-qvl-node1 CVE
- 1,990.@phala/dcap-qvl-web1 CVE
- 1,991.phantom-html-to-pdf1 CVE
- 1,992.phantomjs1 CVE
- 1,993.phantomjs-cheniu1 CVE
- 1,994.phantomjs-seo1 CVE
- 1,995.phoenix_html1 CVE
- 1,996.phpjs1 CVE
- 1,997.picard1 CVE
- 1,998.picotts1 CVE
- 1,999.pidusage1 CVE
- 2,000.piscina1 CVE
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →