Packagist Package Vulnerabilities
All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,797 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 201.magento/product-community-edition4 CVEs
- 202.moonshine/moonshine4 CVEs
- 203.notrinos/notrinos-erp4 CVEs
- 204.oro/platform4 CVEs
- 205.paymenter/paymenter4 CVEs
- 206.phppgadmin/phppgadmin4 CVEs
- 207.pixelfed/pixelfed4 CVEs
- 208.pyrocms/pyrocms4 CVEs
- 209.reportico-web/reportico4 CVEs
- 210.silverstripe/admin4 CVEs
- 211.sjbr/sr-feuser-register4 CVEs
- 212.starcitizenwiki/embedvideo4 CVEs
- 213.tastyigniter/tastyigniter4 CVEs
- 214.thorsten/phpMyFAQ4 CVEs
- 215.typo3/cms-frontend4 CVEs
- 216.wp-premium/gravityforms4 CVEs
- 217.yiisoft/yii4 CVEs
- 218.aimeos/ai-admin-graphql3 CVEs
- 219.apache-solr-for-typo3/solr3 CVEs
- 220.artesaos/seotools3 CVEs
- 221.badaso/core3 CVEs
- 222.bbpress/bbpress3 CVEs
- 223.buddypress/buddypress3 CVEs
- 224.coreshop/core-shop3 CVEs
- 225.enhavo/enhavo-app3 CVEs
- 226.ezsystems/ezpublish-legacy3 CVEs
- 227.facade/ignition3 CVEs
- 228.filament/tables3 CVEs
- 229.fixpunkt/fp-newsletter3 CVEs
- 230.geshi/geshi3 CVEs
- 231.goalgorilla/open_social3 CVEs
- 232.google/protobuf3 CVEs
- 233.joomla/framework3 CVEs
- 234.knplabs/knp-snappy3 CVEs
- 235.livewire/livewire3 CVEs
- 236.matomo/matomo3 CVEs
- 237.mediawiki/cargo3 CVEs
- 238.nitsan/ns-backup3 CVEs
- 239.orchid/platform3 CVEs
- 240.oro/commerce3 CVEs
- 241.phpunit/phpunit3 CVEs
- 242.piwik/piwik3 CVEs
- 243.prestashop/productcomments3 CVEs
- 244.prestashop/ps_checkout3 CVEs
- 245.qcubed/qcubed3 CVEs
- 246.quickapps/cms3 CVEs
- 247.rudloff/alltube3 CVEs
- 248.sylius/paypal-plugin3 CVEs
- 249.sylius/resource-bundle3 CVEs
- 250.symfony/cache3 CVEs
Which Packagist packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →