Packagist Package Vulnerabilities

All 922 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,847 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 851.t3g/svg-sanitizer1 CVE
  2. 852.tecnickcom/tc-lib-pdf-font1 CVE
  3. 853.timber/timber1 CVE
  4. 854.tinymighty/wiki-seo1 CVE
  5. 855.truckersmp/phpwhois1 CVE
  6. 856.ttskch/pagination-service-provider1 CVE
  7. 857.twig/cssinliner-extra1 CVE
  8. 858.twig/intl-extra1 CVE
  9. 859.twig/markdown-extra1 CVE
  10. 860.typo3/cms-belog1 CVE
  11. 861.typo3/cms-extbase1 CVE
  12. 862.typo3/cms-extensionmanager1 CVE
  13. 863.typo3/cms-felogin1 CVE
  14. 864.typo3/cms-filelist1 CVE
  15. 865.typo3/cms-fluid1 CVE
  16. 866.typo3/cms-lowlevel1 CVE
  17. 867.typo3/cms-recordlist1 CVE
  18. 868.typo3/cms-redirects1 CVE
  19. 869.typo3/cms-scheduler1 CVE
  20. 870.typo3/cms-setup1 CVE
  21. 871.typo3/cms-webhooks1 CVE
  22. 872.typo3/flow1 CVE
  23. 873.uasoft-indonesia/badaso1 CVE
  24. 874.universal-omega/dynamic-page-list31 CVE
  25. 875.userfrosting/userfrosting1 CVE
  26. 876.usmanhalalit/pixie1 CVE
  27. 877.uvdesk/core-framework1 CVE
  28. 878.vanilla/safecurl1 CVE
  29. 879.vertexvaar/falsftp1 CVE
  30. 880.villagedefrance/opencart-overclocked1 CVE
  31. 881.vova07/yii2-fileapi-widget1 CVE
  32. 882.waldhacker/hcaptcha1 CVE
  33. 883.wanglelecc/laracms1 CVE
  34. 884.wapplersystems/a21glossary1 CVE
  35. 885.web-auth/webauthn-symfony-bundle1 CVE
  36. 886.webbuilders-group/silverstripe-kapost-bridge1 CVE
  37. 887.webcoast/deferred-image-processing1 CVE
  38. 888.web-feet/coastercms1 CVE
  39. 889.webklex/laravel-imap1 CVE
  40. 890.webklex/php-imap1 CVE
  41. 891.webonyx/graphql-php1 CVE
  42. 892.webpa/webpa1 CVE
  43. 893.webreinvent/vaahcms1 CVE
  44. 894.wikibase/wikibase1 CVE
  45. 895.wikimedia/parsoid1 CVE
  46. 896.winter/wn-dusk-plugin1 CVE
  47. 897.winter/wn-system-module1 CVE
  48. 898.wireui/wireui1 CVE
  49. 899.wpanel/wpanel4-cms1 CVE
  50. 900.wp-cli/wp-cli1 CVE

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →