Packagist Package Vulnerabilities
All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,800 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 301.exceedone/exment2 CVEs
- 302.exceedone/laravel-admin2 CVEs
- 303.filament/actions2 CVEs
- 304.filament/filament2 CVEs
- 305.filegator/filegator2 CVEs
- 306.firebase/php-jwt2 CVEs
- 307.friendsofsymfony1/symfony12 CVEs
- 308.georgringer/news2 CVEs
- 309.getkirby/kirby2 CVEs
- 310.getkirby/panel2 CVEs
- 311.helloxz/imgurl2 CVEs
- 312.ibexa/admin-ui2 CVEs
- 313.illuminate/auth2 CVEs
- 314.illuminate/database2 CVEs
- 315.impresspages/impresspages2 CVEs
- 316.ipl/web2 CVEs
- 317.james-heinrich/getid32 CVEs
- 318.james-heinrich/phpthumb2 CVEs
- 319.jbartels/wec-map2 CVEs
- 320.jleehr/canto-saas-api2 CVEs
- 321.johnbillion/wp-crontrol2 CVEs
- 322.joomla/archive2 CVEs
- 323.joomla/filter2 CVEs
- 324.joomla/joomla-platform2 CVEs
- 325.jsdecena/laracom2 CVEs
- 326.khodakhah/nodcms2 CVEs
- 327.kitodo/presentation2 CVEs
- 328.laminas/laminas-diactoros2 CVEs
- 329.laravel/reverb2 CVEs
- 330.latte/latte2 CVEs
- 331.magneto/core2 CVEs
- 332.maximebf/debugbar2 CVEs
- 333.melisplatform/melis-cms2 CVEs
- 334.miniorange/miniorange-saml2 CVEs
- 335.mix/mix2 CVEs
- 336.neuron-core/neuron-ai2 CVEs
- 337.noumo/easyii2 CVEs
- 338.novosga/novosga2 CVEs
- 339.opensolutions/vimbadmin2 CVEs
- 340.open-web-analytics/open-web-analytics2 CVEs
- 341.oro/customer-portal2 CVEs
- 342.oxid-esales/oxideshop-ce2 CVEs
- 343.packbackbooks/lti-1-3-php-library2 CVEs
- 344.passbolt/passbolt_api2 CVEs
- 345.phanan/koel2 CVEs
- 346.phenx/php-svg-lib2 CVEs
- 347.phpfastcache/phpfastcache2 CVEs
- 348.phpsysinfo/phpsysinfo2 CVEs
- 349.pontedilana/php-weasyprint2 CVEs
- 350.prestashop/blockreassurance2 CVEs
Which Packagist packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →