Packagist Package Vulnerabilities

All 919 PHP / Composer packages with known CVEs, ranked by live CVE volume — 5,801 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 401.yiisoft/yii2-gii2 CVEs
  2. 402.yiisoft/yii2-redis2 CVEs
  3. 403.yoast-seo-for-typo3/yoast_seo2 CVEs
  4. 404.yuan1994/tpadmin2 CVEs
  5. 405.zendframework/zend-db2 CVEs
  6. 406.adaptcms/adaptcms1 CVE
  7. 407.aheinze/cockpit1 CVE
  8. 408.aimeos/ai-admin-jsonadm1 CVE
  9. 409.aimeos/ai-cms-grapesjs1 CVE
  10. 410.aimeos/aimeos-laravel1 CVE
  11. 411.aimeos/aimeos-typo31 CVE
  12. 412.airesvsg/acf-to-rest-api1 CVE
  13. 413.akaunting/akaunting1 CVE
  14. 414.almirhodzic/nova-toggle-51 CVE
  15. 415.altcha-org/altcha1 CVE
  16. 416.alt-design/alt-redirect1 CVE
  17. 417.amazing/media2click1 CVE
  18. 418.ameos/ameos_tarteaucitron1 CVE
  19. 419.amphp/artax1 CVE
  20. 420.amphp/http1 CVE
  21. 421.amphp/http-client1 CVE
  22. 422.andreapollastri/cipi1 CVE
  23. 423.andrewhaine/silverstripe-form-capture1 CVE
  24. 424.aoe/restler1 CVE
  25. 425.arc/web1 CVE
  26. 426.area17/twill1 CVE
  27. 427.athlon1600/youtube-downloader1 CVE
  28. 428.aureuserp/aureuserp1 CVE
  29. 429.auth0/wordpress1 CVE
  30. 430.automattic/jetpack1 CVE
  31. 431.awesome-support/awesome-support1 CVE
  32. 432.ayacoo/redirect-tab1 CVE
  33. 433.b13/seo_basics1 CVE
  34. 434.backpack/filemanager1 CVE
  35. 435.barrelstrength/sprout-base-email1 CVE
  36. 436.barrelstrength/sprout-forms1 CVE
  37. 437.barryvdh/laravel-translation-manager1 CVE
  38. 438.barzahlen/barzahlen-php1 CVE
  39. 439.bcit-ci/codeigniter1 CVE
  40. 440.bcosca/fatfree1 CVE
  41. 441.bedita/bedita1 CVE
  42. 442.bednee/cooluri1 CVE
  43. 443.bigfork/silverstripe-form-capture1 CVE
  44. 444.billabear/billabear1 CVE
  45. 445.binarytorch/larecipe1 CVE
  46. 446.bk2k/bootstrap-package1 CVE
  47. 447.blueimp/jquery-file-upload1 CVE
  48. 448.bmarshall511/wordpress_zero_spam1 CVE
  49. 449.brightlocal/phpwhois1 CVE
  50. 450.brotkrueml/schema1 CVE

Which Packagist packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →