Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,804 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 551.fisharebest/webtrees1 CVE
  2. 552.fixpunkt/fp-masterquiz1 CVE
  3. 553.flarum/flarum1 CVE
  4. 554.flarum/mentions1 CVE
  5. 555.flarum/nicknames1 CVE
  6. 556.flarum/sticky1 CVE
  7. 557.floriangaerber/magnesium1 CVE
  8. 558.fluidtypo3/vhs1 CVE
  9. 559.fof/byobu1 CVE
  10. 560.fof/pretty-mail1 CVE
  11. 561.fof/upload1 CVE
  12. 562.foodcoopshop/foodcoopshop1 CVE
  13. 563.fooman/tcpdf1 CVE
  14. 564.frappant/frp-form-answers1 CVE
  15. 565.friendsofsymfony1/swiftmailer1 CVE
  16. 566.friendsofsymfony/user-bundle1 CVE
  17. 567.friendsoftypo3/mediace1 CVE
  18. 568.friendsoftypo3/openid1 CVE
  19. 569.frosh/adminer-platform1 CVE
  20. 570.frozennode/administrator1 CVE
  21. 571.gaoming13/wechat-php-sdk1 CVE
  22. 572.getgrav/grav-plugin-api1 CVE
  23. 573.getgrav/grav-plugin-form1 CVE
  24. 574.getkirby/starterkit1 CVE
  25. 575.globalpayments/php-sdk1 CVE
  26. 576.gogentooss/samlbase1 CVE
  27. 577.goodoneuz/pay-uz1 CVE
  28. 578.gp247/core1 CVE
  29. 579.gree/jose1 CVE
  30. 580.guzzlehttp/guzzle-services1 CVE
  31. 581.guzzlehttp/oauth-subscriber1 CVE
  32. 582.haffner/jh_captcha1 CVE
  33. 583.handcraftedinthealps/goodby-csv1 CVE
  34. 584.harvesthq/chosen1 CVE
  35. 585.hhxsv5/laravel-s1 CVE
  36. 586.hillelcoren/invoice-ninja1 CVE
  37. 587.himiklab/yii2-jqgrid-widget1 CVE
  38. 588.hjue/justwriting1 CVE
  39. 589.hov/jobfair1 CVE
  40. 590.hybridauth/hybridauth1 CVE
  41. 591.hyn/multi-tenant1 CVE
  42. 592.ibexa/fieldtype-richtext1 CVE
  43. 593.ibexa/user1 CVE
  44. 594.ilicmiljan/secure-props1 CVE
  45. 595.illuminate/view1 CVE
  46. 596.imdbphp/imdbphp1 CVE
  47. 597.in2code/ipandlanguageredirect1 CVE
  48. 598.in2code/lux1 CVE
  49. 599.innologi/typo3-appointments1 CVE
  50. 600.inter-mediator/inter-mediator1 CVE

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →