Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,797 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 201.magento/product-community-edition4 CVEs
  2. 202.moonshine/moonshine4 CVEs
  3. 203.notrinos/notrinos-erp4 CVEs
  4. 204.oro/platform4 CVEs
  5. 205.paymenter/paymenter4 CVEs
  6. 206.phppgadmin/phppgadmin4 CVEs
  7. 207.pixelfed/pixelfed4 CVEs
  8. 208.pyrocms/pyrocms4 CVEs
  9. 209.reportico-web/reportico4 CVEs
  10. 210.silverstripe/admin4 CVEs
  11. 211.sjbr/sr-feuser-register4 CVEs
  12. 212.starcitizenwiki/embedvideo4 CVEs
  13. 213.tastyigniter/tastyigniter4 CVEs
  14. 214.thorsten/phpMyFAQ4 CVEs
  15. 215.typo3/cms-frontend4 CVEs
  16. 216.wp-premium/gravityforms4 CVEs
  17. 217.yiisoft/yii4 CVEs
  18. 218.aimeos/ai-admin-graphql3 CVEs
  19. 219.apache-solr-for-typo3/solr3 CVEs
  20. 220.artesaos/seotools3 CVEs
  21. 221.badaso/core3 CVEs
  22. 222.bbpress/bbpress3 CVEs
  23. 223.buddypress/buddypress3 CVEs
  24. 224.coreshop/core-shop3 CVEs
  25. 225.enhavo/enhavo-app3 CVEs
  26. 226.ezsystems/ezpublish-legacy3 CVEs
  27. 227.facade/ignition3 CVEs
  28. 228.filament/tables3 CVEs
  29. 229.fixpunkt/fp-newsletter3 CVEs
  30. 230.geshi/geshi3 CVEs
  31. 231.goalgorilla/open_social3 CVEs
  32. 232.google/protobuf3 CVEs
  33. 233.joomla/framework3 CVEs
  34. 234.knplabs/knp-snappy3 CVEs
  35. 235.livewire/livewire3 CVEs
  36. 236.matomo/matomo3 CVEs
  37. 237.mediawiki/cargo3 CVEs
  38. 238.nitsan/ns-backup3 CVEs
  39. 239.orchid/platform3 CVEs
  40. 240.oro/commerce3 CVEs
  41. 241.phpunit/phpunit3 CVEs
  42. 242.piwik/piwik3 CVEs
  43. 243.prestashop/productcomments3 CVEs
  44. 244.prestashop/ps_checkout3 CVEs
  45. 245.qcubed/qcubed3 CVEs
  46. 246.quickapps/cms3 CVEs
  47. 247.rudloff/alltube3 CVEs
  48. 248.sylius/paypal-plugin3 CVEs
  49. 249.sylius/resource-bundle3 CVEs
  50. 250.symfony/cache3 CVEs

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →