Packagist Package Vulnerabilities
All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,796 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 51.tribalsystems/zenario22 CVEs
- 52.feehi/cms21 CVEs
- 53.bagisto/bagisto20 CVEs
- 54.facturascripts/facturascripts20 CVEs
- 55.symfony/security-http19 CVEs
- 56.topthink/framework19 CVEs
- 57.forkcms/forkcms18 CVEs
- 58.genix/cms18 CVEs
- 59.twig/twig18 CVEs
- 60.francoisjacquet/rosariosis17 CVEs
- 61.opencart/opencart17 CVEs
- 62.simplesamlphp/simplesamlphp17 CVEs
- 63.symfony/security17 CVEs
- 64.yeswiki/yeswiki17 CVEs
- 65.yetiforce/yetiforce-crm17 CVEs
- 66.phpbb/phpbb16 CVEs
- 67.bolt/bolt15 CVEs
- 68.codeigniter4/framework15 CVEs
- 69.devcode-it/openstamanager15 CVEs
- 70.pimcore/admin-ui-classic-bundle15 CVEs
- 71.smarty/smarty15 CVEs
- 72.studio-42/elfinder15 CVEs
- 73.tinymce/tinymce15 CVEs
- 74.WWBN/AVideo15 CVEs
- 75.alextselegidis/easyappointments14 CVEs
- 76.dompdf/dompdf14 CVEs
- 77.ec-cube/ec-cube14 CVEs
- 78.feehi/feehicms14 CVEs
- 79.lavalite/cms14 CVEs
- 80.modx/revolution14 CVEs
- 81.phpmailer/phpmailer14 CVEs
- 82.sylius/sylius14 CVEs
- 83.zendframework/zendframework114 CVEs
- 84.craftcms/commerce13 CVEs
- 85.elefant/cms13 CVEs
- 86.impresscms/impresscms13 CVEs
- 87.pagekit/pagekit13 CVEs
- 88.sulu/sulu13 CVEs
- 89.cakephp/cakephp12 CVEs
- 90.composer/composer12 CVEs
- 91.kimai/kimai12 CVEs
- 92.nukeviet/nukeviet12 CVEs
- 93.silverstripe/cms12 CVEs
- 94.yiisoft/yii212 CVEs
- 95.laravel/framework11 CVEs
- 96.october/october11 CVEs
- 97.pterodactyl/panel11 CVEs
- 98.redaxo/source11 CVEs
- 99.zendframework/zendframework11 CVEs
- 100.billz/raspap-webgui10 CVEs
Which Packagist packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →