npm Package Vulnerabilities
All 2,642 JavaScript / Node.js packages with known CVEs, ranked by live CVE volume — 5,240 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 401.expo2 CVEs
- 402.express-fileupload2 CVEs
- 403.express-gateway2 CVEs
- 404.express-openid-connect2 CVEs
- 405.express-xss-sanitizer2 CVEs
- 406.expr-eval2 CVEs
- 407.expr-eval-fork2 CVEs
- 408.fast-filesystem-mcp2 CVEs
- 409.fastify-csrf2 CVEs
- 410.@fastify/multipart2 CVEs
- 411.fastify-multipart2 CVEs
- 412.@fastify/passport2 CVEs
- 413.@fastify/static2 CVEs
- 414.fastify-static2 CVEs
- 415.@fastly/js-compute2 CVEs
- 416.fast-string-search2 CVEs
- 417.fast-uri2 CVEs
- 418.fast-xml-builder2 CVEs
- 419.financejs2 CVEs
- 420.@finastra/nestjs-proxy2 CVEs
- 421.@finastra/ssr-pages2 CVEs
- 422.find-my-way2 CVEs
- 423.fiora2 CVEs
- 424.flatted2 CVEs
- 425.form-data2 CVEs
- 426.formio2 CVEs
- 427.forms2 CVEs
- 428.ftp-srv2 CVEs
- 429.fullpage.js2 CVEs
- 430.generator-jhipster2 CVEs
- 431.generator-jhipster-kotlin2 CVEs
- 432.genieacs2 CVEs
- 433.ggit2 CVEs
- 434.gitbook2 CVEs
- 435.@github/copilot2 CVEs
- 436.@gitlawb/openclaude2 CVEs
- 437.glob-parent2 CVEs
- 438.@hapi/content2 CVEs
- 439.@hapi/wreck2 CVEs
- 440.Haraka2 CVEs
- 441.harp2 CVEs
- 442.hashbrown-cms2 CVEs
- 443.hawk2 CVEs
- 444.@haxtheweb/open-apis2 CVEs
- 445.@haxtheweb/video-player2 CVEs
- 446.hekto2 CVEs
- 447.hellojs2 CVEs
- 448.hexo2 CVEs
- 449.highcharts2 CVEs
- 450.hoek2 CVEs
Which npm packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →