Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,801 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 451.brotkrueml/typo3-matomo-integration1 CVE
  2. 452.bugsnag/bugsnag-laravel1 CVE
  3. 453.bvbmedia/multishop1 CVE
  4. 454.cadmium-org/cadmium-cms1 CVE
  5. 455.cakephp/authentication1 CVE
  6. 456.cakephp/database1 CVE
  7. 457.cardgate/magento21 CVE
  8. 458.cardgate/woocommerce1 CVE
  9. 459.catfan/medoo1 CVE
  10. 460.causal/oidc1 CVE
  11. 461.cesnet/simplesamlphp-module-proxystatistics1 CVE
  12. 462.chriskacerguis/codeigniter-restserver1 CVE
  13. 463.chrome-php/chrome1 CVE
  14. 464.civicrm/civicrm-core1 CVE
  15. 465.clickstorm/cs-seo1 CVE
  16. 466.codeception/codeception1 CVE
  17. 467.codingms/modules1 CVE
  18. 468.commerceteam/commerce1 CVE
  19. 469.contao/comments-bundle1 CVE
  20. 470.contao-components/mediaelement1 CVE
  21. 471.contao/listing-bundle1 CVE
  22. 472.contao/managed-edition1 CVE
  23. 473.corveda/phpsandbox1 CVE
  24. 474.cosenary/instagram1 CVE
  25. 475.co-stack/fal_sftp1 CVE
  26. 476.couleurcitron/tarteaucitron-wp1 CVE
  27. 477.craftcms/aws-s31 CVE
  28. 478.craftcms/azure-blob1 CVE
  29. 479.craftcms/composer1 CVE
  30. 480.craftcms/craft1 CVE
  31. 481.craftcms/google-cloud1 CVE
  32. 482.craftcms/webhooks1 CVE
  33. 483.cuyz/valinor1 CVE
  34. 484.czim/file-handling1 CVE
  35. 485.czproject/git-php1 CVE
  36. 486.damienharper/auditor-bundle1 CVE
  37. 487.dapphp/securimage1 CVE
  38. 488.darylldoyle/safe-svg1 CVE
  39. 489.datatables/datatables1 CVE
  40. 490.david-garcia/phpwhois1 CVE
  41. 491.dbrisinajumi/d2files1 CVE
  42. 492.dedoc/scramble1 CVE
  43. 493.derhansen/fe_change_pwd1 CVE
  44. 494.desperado/xml-bundle1 CVE
  45. 495.devgroup/dotplant1 CVE
  46. 496.dev-lancer/minecraft-motd-parser1 CVE
  47. 497.digimix/wp-svg-upload1 CVE
  48. 498.directorytree/imapengine1 CVE
  49. 499.dl/yag1 CVE
  50. 500.dnadesign/silverstripe-elemental1 CVE

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →