Packagist Package Vulnerabilities
All 922 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,848 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 901.wpcloud/wp-stateless1 CVE
- 902.wpmetabox/meta-box1 CVE
- 903.xataface/xataface1 CVE
- 904.xpressengine/xpressengine1 CVE
- 905.yab/quarx1 CVE
- 906.yidashi/yii2cmf1 CVE
- 907.yii2mod/yii2-cms1 CVE
- 908.yiisoft/yii2-elasticsearch1 CVE
- 909.yikesinc/yikes-inc-easy-mailchimp-extender1 CVE
- 910.yoast/duplicate-post1 CVE
- 911.zendframework/zend-cache1 CVE
- 912.zendframework/zend-crypt1 CVE
- 913.zendframework/zend-diactoros1 CVE
- 914.zendframework/zend-http1 CVE
- 915.zendframework/zend-mail1 CVE
- 916.zendframework/zendxml1 CVE
- 917.zenstruck/collection1 CVE
- 918.zetacomponents/mail1 CVE
- 919.zfcampus/zf-apigility-doctrine1 CVE
- 920.zf-commons/zfc-user1 CVE
- 921.z-push/z-push-dev1 CVE
- 922.zumba/json-serializer1 CVE
Which Packagist packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →