npm Package Vulnerabilities
All 2,648 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,338 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 2,001.pixl-class1 CVE
- 2,002.pk-app-wonderbox1 CVE
- 2,003.pkg1 CVE
- 2,004.@pkgr/core1 CVE
- 2,005.playwright1 CVE
- 2,006.@playwright/mcp1 CVE
- 2,007.plist1 CVE
- 2,008.plupload1 CVE
- 2,009.pm21 CVE
- 2,010.pm2-kafka1 CVE
- 2,011.pngcrush-installer1 CVE
- 2,012.png-img1 CVE
- 2,013.@pnpm/cafs1 CVE
- 2,014.@pnpm/exe1 CVE
- 2,015.@pnpm/linux-arm641 CVE
- 2,016.@pnpm/linuxstatic-arm641 CVE
- 2,017.@pnpm/linux-x641 CVE
- 2,018.@pnpm/macos-arm641 CVE
- 2,019.@pnpm/macos-x641 CVE
- 2,020.@pnpm/win-x641 CVE
- 2,021.poco1 CVE
- 2,022.@podium/layout1 CVE
- 2,023.@podium/proxy1 CVE
- 2,024.pomelo1 CVE
- 2,025.pomelo-monitor1 CVE
- 2,026.pooledwebsocket1 CVE
- 2,027.@portkey-ai/gateway1 CVE
- 2,028.portkiller1 CVE
- 2,029.port-killer1 CVE
- 2,030.portprocesses1 CVE
- 2,031.posix1 CVE
- 2,032.posthog-js1 CVE
- 2,033.@posthog/plugin-server1 CVE
- 2,034.post-loader1 CVE
- 2,035.pouchdb1 CVE
- 2,036.@powersync/service-core1 CVE
- 2,037.@powersync/service-sync-rules1 CVE
- 2,038.preact1 CVE
- 2,039.prebid.js1 CVE
- 2,040.prebid-universal-creative1 CVE
- 2,041.prebuild-lwip1 CVE
- 2,042.predefine1 CVE
- 2,043.primefaces1 CVE
- 2,044.prince1 CVE
- 2,045.printer1 CVE
- 2,046.printf1 CVE
- 2,047.@prisma/sdk1 CVE
- 2,048.probot1 CVE
- 2,049.proctree1 CVE
- 2,050.product-monitor1 CVE
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →