npm Package Vulnerabilities
All 2,642 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,233 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 301.stimulsoft-dashboards-js3 CVEs
- 302.@strapi/core3 CVEs
- 303.@strapi/plugin-content-manager3 CVEs
- 304.@strapi/utils3 CVEs
- 305.@theia/ai-chat3 CVEs
- 306.@theia/ai-chat-ui3 CVEs
- 307.@theia/ai-claude-code3 CVEs
- 308.@theia/ai-code-completion3 CVEs
- 309.@theia/ai-core3 CVEs
- 310.@theia/ai-editor3 CVEs
- 311.tinacms3 CVEs
- 312.tmp3 CVEs
- 313.tough-cookie3 CVEs
- 314.@typebot.io/js3 CVEs
- 315.typeorm3 CVEs
- 316.uap-core3 CVEs
- 317.@vitest/browser3 CVEs
- 318.@vrite/sdk3 CVEs
- 319.vuetify3 CVEs
- 320.@workos-inc/authkit-nextjs3 CVEs
- 321.xml-crypto3 CVEs
- 322.yapi-vendor3 CVEs
- 323.9router2 CVEs
- 324.@actions/core2 CVEs
- 325.@adobe/css-tools2 CVEs
- 326.aedes2 CVEs
- 327.aegir2 CVEs
- 328.agents2 CVEs
- 329.ag-grid-community2 CVEs
- 330.ag-grid-enterprise2 CVEs
- 331.ajv2 CVEs
- 332.algoliasearch-helper2 CVEs
- 333.@anthropic-ai/sdk2 CVEs
- 334.apidoc-core2 CVEs
- 335.@apollo/query-planner2 CVEs
- 336.assign-deep2 CVEs
- 337.@astrojs/cloudflare2 CVEs
- 338.async-git2 CVEs
- 339.aws-cdk2 CVEs
- 340.@backstage/backend-defaults2 CVEs
- 341.@backstage/plugin-auth-backend2 CVEs
- 342.@backstage/plugin-catalog-backend2 CVEs
- 343.@backstage/plugin-scaffolder-node2 CVEs
- 344.@backstage/plugin-techdocs-backend2 CVEs
- 345.@backstage/plugin-techdocs-node2 CVEs
- 346.@backstage/techdocs-common2 CVEs
- 347.billboard.js2 CVEs
- 348.bmoor2 CVEs
- 349.bodymen2 CVEs
- 350.body-parser2 CVEs
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →