Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,800 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 301.exceedone/exment2 CVEs
  2. 302.exceedone/laravel-admin2 CVEs
  3. 303.filament/actions2 CVEs
  4. 304.filament/filament2 CVEs
  5. 305.filegator/filegator2 CVEs
  6. 306.firebase/php-jwt2 CVEs
  7. 307.friendsofsymfony1/symfony12 CVEs
  8. 308.georgringer/news2 CVEs
  9. 309.getkirby/kirby2 CVEs
  10. 310.getkirby/panel2 CVEs
  11. 311.helloxz/imgurl2 CVEs
  12. 312.ibexa/admin-ui2 CVEs
  13. 313.illuminate/auth2 CVEs
  14. 314.illuminate/database2 CVEs
  15. 315.impresspages/impresspages2 CVEs
  16. 316.ipl/web2 CVEs
  17. 317.james-heinrich/getid32 CVEs
  18. 318.james-heinrich/phpthumb2 CVEs
  19. 319.jbartels/wec-map2 CVEs
  20. 320.jleehr/canto-saas-api2 CVEs
  21. 321.johnbillion/wp-crontrol2 CVEs
  22. 322.joomla/archive2 CVEs
  23. 323.joomla/filter2 CVEs
  24. 324.joomla/joomla-platform2 CVEs
  25. 325.jsdecena/laracom2 CVEs
  26. 326.khodakhah/nodcms2 CVEs
  27. 327.kitodo/presentation2 CVEs
  28. 328.laminas/laminas-diactoros2 CVEs
  29. 329.laravel/reverb2 CVEs
  30. 330.latte/latte2 CVEs
  31. 331.magneto/core2 CVEs
  32. 332.maximebf/debugbar2 CVEs
  33. 333.melisplatform/melis-cms2 CVEs
  34. 334.miniorange/miniorange-saml2 CVEs
  35. 335.mix/mix2 CVEs
  36. 336.neuron-core/neuron-ai2 CVEs
  37. 337.noumo/easyii2 CVEs
  38. 338.novosga/novosga2 CVEs
  39. 339.opensolutions/vimbadmin2 CVEs
  40. 340.open-web-analytics/open-web-analytics2 CVEs
  41. 341.oro/customer-portal2 CVEs
  42. 342.oxid-esales/oxideshop-ce2 CVEs
  43. 343.packbackbooks/lti-1-3-php-library2 CVEs
  44. 344.passbolt/passbolt_api2 CVEs
  45. 345.phanan/koel2 CVEs
  46. 346.phenx/php-svg-lib2 CVEs
  47. 347.phpfastcache/phpfastcache2 CVEs
  48. 348.phpsysinfo/phpsysinfo2 CVEs
  49. 349.pontedilana/php-weasyprint2 CVEs
  50. 350.prestashop/blockreassurance2 CVEs

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →