npm Package Vulnerabilities

All 2,648 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,340 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 2,201.selenium-wrapper1 CVE
  2. 2,202.semver-tags1 CVE
  3. 2,203.sencisho1 CVE
  4. 2,204.seneca1 CVE
  5. 2,205.@sentry/aws-serverless1 CVE
  6. 2,206.@sentry/bun1 CVE
  7. 2,207.@sentry/google-cloud-serverless1 CVE
  8. 2,208.@sentry/nestjs1 CVE
  9. 2,209.@sentry/node1 CVE
  10. 2,210.@sentry/node-core1 CVE
  11. 2,211.@sentry/nuxt1 CVE
  12. 2,212.@sentry/remix1 CVE
  13. 2,213.@sentry/solidstart1 CVE
  14. 2,214.@sentry/sveltekit1 CVE
  15. 2,215.@sequa-ai/sequa-mcp1 CVE
  16. 2,216.sequelize-typescript1 CVE
  17. 2,217.serc.js1 CVE
  18. 2,218.@serenity-is/corelib1 CVE
  19. 2,219.serial-number1 CVE
  20. 2,220.serve461 CVE
  21. 2,221.serve-here.js1 CVE
  22. 2,222.serve-index1 CVE
  23. 2,223.serverabc1 CVE
  24. 2,224.serverhuwenhui1 CVE
  25. 2,225.serverless1 CVE
  26. 2,226.serverless-offline1 CVE
  27. 2,227.serverliujiayi11 CVE
  28. 2,228.serverlyr1 CVE
  29. 2,229.serverwg1 CVE
  30. 2,230.serverwzl1 CVE
  31. 2,231.serverxxx1 CVE
  32. 2,232.serveryaozeyan1 CVE
  33. 2,233.serveryztyzt1 CVE
  34. 2,234.serverzyy1 CVE
  35. 2,235.servey1 CVE
  36. 2,236.servify-express1 CVE
  37. 2,237.servst1 CVE
  38. 2,238.set-deep-prop1 CVE
  39. 2,239.set-getter1 CVE
  40. 2,240.set-object-value1 CVE
  41. 2,241.set-or-get1 CVE
  42. 2,242.sexstatic1 CVE
  43. 2,243.sey1 CVE
  44. 2,244.sfml1 CVE
  45. 2,245.sgqserve1 CVE
  46. 2,246.shadowsock1 CVE
  47. 2,247.sha.js1 CVE
  48. 2,248.shamefile1 CVE
  49. 2,249.sharp1 CVE
  50. 2,250.shave1 CVE

Which npm packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →