Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,801 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 501.doctrine/annotations1 CVE
  2. 502.doctrine/cache1 CVE
  3. 503.doctrine/common1 CVE
  4. 504.doctrine/dbal1 CVE
  5. 505.doctrine/mongodb-odm1 CVE
  6. 506.doctrine/mongodb-odm-bundle1 CVE
  7. 507.doctrine/orm1 CVE
  8. 508.doublethreedigital/guest-entries1 CVE
  9. 509.dreamfactory/df-core1 CVE
  10. 510.drupal/access_code1 CVE
  11. 511.drupal/acquia_dam1 CVE
  12. 512.drupal/admin_audit_trail1 CVE
  13. 513.drupal/alogin1 CVE
  14. 514.drupal/cache_utility1 CVE
  15. 515.drupal/commerce_alphabank_redirect1 CVE
  16. 516.drupal/commerce_eurobank_redirect1 CVE
  17. 517.drupal/config_split1 CVE
  18. 518.drupal/currency1 CVE
  19. 519.drupal/email_tfa1 CVE
  20. 520.drupal/formatter_suite1 CVE
  21. 521.drupal/gdpr1 CVE
  22. 522.drupal/ignition1 CVE
  23. 523.drupal/json_field1 CVE
  24. 524.drupal/lightgallery1 CVE
  25. 525.drupal/link_field_display_mode_formatter1 CVE
  26. 526.drupal/matomo1 CVE
  27. 527.drupal/oauth2_client1 CVE
  28. 528.drupal/oauth2_server1 CVE
  29. 529.drupal/obfuscate1 CVE
  30. 530.drupal-pattern-lab/unified-twig-extensions1 CVE
  31. 531.drupal/plausible_tracking1 CVE
  32. 532.drupal/rapidoc_elements_field_formatter1 CVE
  33. 533.drupal/reverse_proxy_header1 CVE
  34. 534.drupal/simple_multistep1 CVE
  35. 535.drupal/simple_oauth1 CVE
  36. 536.drupal/spamspan1 CVE
  37. 537.drupal/tfa1 CVE
  38. 538.drupal/umami_analytics1 CVE
  39. 539.duncanmcclean/guest-entries1 CVE
  40. 540.ecodev/newsletter1 CVE
  41. 541.ectouch/ectouch1 CVE
  42. 542.ether/logs1 CVE
  43. 543.ezsystems/ezplatform-admin-ui1 CVE
  44. 544.ezsystems/ezplatform-graphql1 CVE
  45. 545.fastly/magento21 CVE
  46. 546.fenom/fenom1 CVE
  47. 547.filament/forms1 CVE
  48. 548.filament/infolists1 CVE
  49. 549.filp/whoops1 CVE
  50. 550.fineuploader/php-traditional-server1 CVE

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →