Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: scrytsy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2N2ctcGp3OS00cWo5
Malicious Package in scrytsyEcosystems: npm
Packages: scrytsy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: angular-location-update
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzangtNHd3aC1nY3Fq
Malicious Package in angular-location-updateEcosystems: npm
Packages: angular-location-update
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: find-exec
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 8 months ago
GSA_kwCzR0hTQS05NXJwLTZncXAtNjYyMs4AA1lI
Command Injection Vulnerability in find-execEcosystems: npm
Packages: find-exec
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 8 months ago
Critical
Ecosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyNHAtYzl3ci1waHI2
Prototype pollution in set-inEcosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: flattenizer
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: almost 2 years ago
GSA_kwCzR0hTQS12cTMzLTI2cHItcjRoNs4AAnA7
flattenizer vulnerable to prototype pollutionEcosystems: npm
Packages: flattenizer
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4dnctNDVycC0zbWoy
Deserialization Code Execution in js-yamlEcosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: deep-set
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: almost 2 years ago
GSA_kwCzR0hTQS13Z3htLXJnNTMtaDJjNs4AAnAt
Prototype pollution vulnerability in 'deep-set'Ecosystems: npm
Packages: deep-set
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: font-converter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nMmMzLXZ3ZmYtbTN4cs4AAuhr
Font-Converter Vulnerable to Arbitrary Command InjectionEcosystems: npm
Packages: font-converter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: bitcoimjs-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2NnEtcDN4Ny00M2Z4
Malicious Package in bitcoimjs-libEcosystems: npm
Packages: bitcoimjs-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: saync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtOXYtMzI1Zi01Zzc0
Malicious Package in sayncEcosystems: npm
Packages: saync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: google-cloudstorage-commands
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
GSA_kwCzR0hTQS02MzY3LXAzdjgtN21nd84AAtpR
google-cloudstorage-commands Command Injection vulnerabilityEcosystems: npm
Packages: google-cloudstorage-commands
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE1cHEtcGdydi1maDg5
dns-sync command injection vulnerabilityEcosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: colour-string
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtbWYtcXA3ai0ydzI0
Malicious Package in colour-stringEcosystems: npm
Packages: colour-string
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d2YtMnhjZi02d214
Malicious Package in ngx-picaEcosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bitconi-ops
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5aHctdjk3dy1nNWY1
Malicious Package in bitconi-opsEcosystems: npm
Packages: bitconi-ops
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bitcroe-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtM3AteDJocC0ycGd4
Malicious Package in bitcroe-libEcosystems: npm
Packages: bitcroe-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: json-logic-js
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: about 1 year ago
GSA_kwCzR0hTQS02N2o0LTJtaDYtODYyN84AAx7w
json-logic-js Command Injection vulnerabilityEcosystems: npm
Packages: json-logic-js
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: obsidian
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: almost 2 years ago
GSA_kwCzR0hTQS00NW14LWc4NW0td3dtM84AApcx
Obsidian does not require user confirmation for non-http/https URLs.Ecosystems: npm
Packages: obsidian
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: kill-process-by-name
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjNjUtY2d2ci05M3A2
Code injection in kill-process-by-nameEcosystems: npm
Packages: kill-process-by-name
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: ngx-context-menu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3ZzMtZ2p4aC1jOHBt
Malicious Package in ngx-context-menuEcosystems: npm
Packages: ngx-context-menu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: modlibrary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0bTctdzg3My02d3dm
Malicious Package in modlibraryEcosystems: npm
Packages: modlibrary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bp66
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnYzYtNjVtbS14cjZy
Malicious Package in bp66Ecosystems: npm
Packages: bp66
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: require-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqNmotNGgyYy1jNjVw
Arbitrary Code Execution in require-nodeEcosystems: npm
Packages: require-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnNDctM2MyeC1tMndy
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZydzQtdzczci02bW04
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: leetlog
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmbTgtZzN2bS01M2po
Malicious Package in leetlogEcosystems: npm
Packages: leetlog
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: express-param
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1mcjU0LTcyd3ItY3F2cc4AAwri
express-param vulnerable to Improper Handling of Extra ParametersEcosystems: npm
Packages: express-param
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3ZmotbWM4dy1qOXdn
RSA signature validation vulnerability on maleable encoded message in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: blamer
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 2 years ago
GSA_kwCzR0hTQS04Y3hwLWNqbTgtZmozNs4AAj0O
Improper Neutralization of Special Elements used in an OS Command in BlamerEcosystems: npm
Packages: blamer
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: coinstrig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtM2otaDhmMi00eGg0
Malicious Package in coinstrigEcosystems: npm
Packages: coinstrig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtcmYtNjRmdy0yeDc1
Command injection in fs-pathEcosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: phpjs
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MjgtanFjNC0ycDVq
Prototype Pollution in phpjsEcosystems: npm
Packages: phpjs
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 52.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03ZjN4LXg0cHItd3Foas4AAtA8
Server-Side Request Forgery in parse-urlEcosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 52.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: rimrafall
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThocTItZmNxbS0zOWhx
Malicious Package in rimrafallEcosystems: npm
Packages: rimrafall
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: node-oojs
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0cncteDN2Zy1jOHI3
Prototype Pollution in node-oojsEcosystems: npm
Packages: node-oojs
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: crpyto-js
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczYzYtdndqaC1nM3Fo
Malicious Package in crpyto-jsEcosystems: npm
Packages: crpyto-js
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: almost 2 years ago
GSA_kwCzR0hTQS14ZzQ3LXI2N3Atdmh2Nc4AAWdB
Improper Input Validation in DeapEcosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: kraken-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnZmotcmoyNC1tajdx
Malicious Package in kraken-apiEcosystems: npm
Packages: kraken-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: cxct
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1eG0tbTY0bS1mMnZx
Malicious Package in cxctEcosystems: npm
Packages: cxct
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ecuvre
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNndm0tcnZmdi1jOTJy
Malicious Package in ecuvreEcosystems: npm
Packages: ecuvre
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: set-object-value
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRqajQtbTUycC04cngz
Prototype pollution in set-object-valueEcosystems: npm
Packages: set-object-value
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4d3ctajRmYy00MzVw
Command injection in nodemailerEcosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: rceat
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3N2MtODY3bS00bXFj
Malicious Package in rceatEcosystems: npm
Packages: rceat
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: netmask
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjN20td3h2bS1yN2dj
Improper parsing of octal bytes in netmaskEcosystems: npm
Packages: netmask
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: connection-tester
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1bXAtOHA4dy1taGg4
Command injection in connection-testerEcosystems: npm
Packages: connection-tester
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: asciitable.js
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVweGotbWh3ai14NWd2
Prototype Pollution in asciitable.jsEcosystems: npm
Packages: asciitable.js
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 58.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oOGhmLXgzZjQteHdncM4AAugJ
Mongoose Vulnerable to Prototype Pollution in Schema ObjectEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 58.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1oMnAzLWg0OGgtOWpqN84AAR2Q
PIDUsage Enables OS Command InjectionEcosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: tree-kill
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1qN2ZxLXA5cTctNXdmds4AAjAY
Treekill Enables OS Command InjectionEcosystems: npm
Packages: tree-kill
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: dset
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNHhjLTdjdzgtY2dmas4AAnA8
dset vulnerable to prototype pollutionEcosystems: npm
Packages: dset
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 9 months ago
GSA_kwCzR0hTQS1nNnc2LWg5MzMtNHJjNc4AA1Cn
Soketi was exposed to Sandbox Escape vulnerability via vm2Ecosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 9 months ago
Critical
Ecosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jZmdyLTc1angtaDg4Z84AAvmz
thlorenz browserify-shim vulnerable to prototype pollutionEcosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
GSA_kwCzR0hTQS1yNzM3LTM0N20td3FjN84AAvlu
thlorenz browserify-shim vulnerable to prototype pollutionEcosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: convert-svg-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Z3hjLWZ4Y3ItOTMyNs4AAtlY
convert-svg-core vulnerable to remote code injectionEcosystems: npm
Packages: convert-svg-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 25 days ago
GSA_kwCzR0hTQS1mcHc3LWoyaGctNjl2Nc4AA66u
mysql2 Remote Code Execution (RCE) via the readCodeFor functionEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 25 days ago
Critical
Ecosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdteDYtdnhjZi1jM2dy
Validation Bypass in slp-validateEcosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: console-io
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE1MmotNHEycS1oY2o2
Authentication Bypass in console-ioEcosystems: npm
Packages: console-io
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: mockery
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 1 year ago
GSA_kwCzR0hTQS1nbXdwLTNwd2MtM2ozZ84AAvS-
mockery is vulnerable to prototype pollutionEcosystems: npm
Packages: mockery
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: closure-compiler-stream
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02NDctNXdmOS0zanAz
OS Command Injection in closure-compiler-streamEcosystems: npm
Packages: closure-compiler-stream
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: git-dummy-commit
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzYzIteDc3Yy03cHZy
Command Injection in git-dummy-commitEcosystems: npm
Packages: git-dummy-commit
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: async-git
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjM2YtcDV3cC0zNG1o
OS Command Injection in async-gitEcosystems: npm
Packages: async-git
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: samba-client
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzajcteDJnNS05Z3g2
Command injection in samba-clientEcosystems: npm
Packages: samba-client
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjMnAtNGpoci14aGh4
False-positive validity for NFT1 genesis transactions in SLPJSEcosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: bmap
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1OWctNmNxci1tNzN3
Malicious Package in bmapEcosystems: npm
Packages: bmap
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: crypto-es
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 6 months ago
GSA_kwCzR0hTQS1tcGo4LXEzOXgtd3E1aM4AA2sN
crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardEcosystems: npm
Packages: crypto-es
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 6 months ago
Critical
Ecosystems: npm
Packages: kityminder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNTZoLXg5aDUtcTUzY84AArfc
Server-Side Request Forgery in kityminderEcosystems: npm
Packages: kityminder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: precode.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3NHItd3djMy02cWNw
Malicious Package in precode.jsEcosystems: npm
Packages: precode.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: git-commit-info
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 10 months ago
GSA_kwCzR0hTQS1oNDJqLW1ybXAtOTM2Oc4AA0GE
git-commit-info vulnerable to Command InjectionEcosystems: npm
Packages: git-commit-info
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 10 months ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05anctMjM3ci1ndmZ2
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: macfromip
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoOGYteHc1di04OTkz
Command Injection in macfromipEcosystems: npm
Packages: macfromip
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: react-datepicker-plus
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3Y3gtYzljNC04OXAy
Malicious Package in react-datepicker-plusEcosystems: npm
Packages: react-datepicker-plus
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
GSA_kwCzR0hTQS05YzRoLTNmN2gtMzIycs4AA1Lc
SES's dynamic import and spread operator provides possible path to arbitrary exfiltration and executionEcosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
Critical
Ecosystems: npm
Packages: loader-utils
Source: GitHub Advisory Database
Blast Radius: 61.1
Published: over 1 year ago
GSA_kwCzR0hTQS03NnAzLThqeDMtanBmcc4AAvTd
Prototype pollution in webpack loader-utilsEcosystems: npm
Packages: loader-utils
Source: GitHub Advisory Database
Blast Radius: 61.1
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjZzgtcHE5di14OThx
Sandbox Breakout in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: nobelprizeparser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3djQtbWdmcS01OTh2
Code injection in nobelprizeparserEcosystems: npm
Packages: nobelprizeparser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: corenlp-js-interface
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmeGcteG00dy0zd2c5
Command Injection in corenlp-js-interfaceEcosystems: npm
Packages: corenlp-js-interface
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ps-kill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxbW0tcTM5NC1mbWNo
Command Injection in ps-killEcosystems: npm
Packages: ps-kill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: bictoin-ops
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhycmctd2Z3Yy1jN3Iz
Malicious Package in bictoin-opsEcosystems: npm
Packages: bictoin-ops
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: js-rha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1Y2ctM3I0Zy03dzZq
Malicious Package in js-rha3Ecosystems: npm
Packages: js-rha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: freediskspace
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnZnEtNm0yOC1tNW1n
Improper neutralization of arguments in freediskspaceEcosystems: npm
Packages: freediskspace
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: vscode-npm-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yODR2LXFmZjgtanY1Z84AAnsE
Remote code execution in vscode-npm-scriptEcosystems: npm
Packages: vscode-npm-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: css_transform_step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyeDktNThtNy1ncjh3
Malicious Package in css_transform_stepEcosystems: npm
Packages: css_transform_step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: xml-crypto
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: 5 days ago
GSA_kwCzR0hTQS0yeHAzLTU3cDctcWY0ds4AA7eK
xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofingEcosystems: npm
Packages: xml-crypto
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: 5 days ago
Critical
Ecosystems: npm
Packages: arr-flatten-unflatten
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4ZjMtcHZ4NC00YzNo
Prototype Pollution in arr-flatten-unflattenEcosystems: npm
Packages: arr-flatten-unflatten
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: launchpad
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdoOHgtd21xMi03bWZm
Command injection in launchpadEcosystems: npm
Packages: launchpad
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: sapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzdnctNTg3Zy1yMjln
Path Traversal in sapperEcosystems: npm
Packages: sapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: js-sha7
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2Z2MtbWdnZy1weHIy
Malicious Package in js-sha7Ecosystems: npm
Packages: js-sha7
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 10 months ago
GSA_kwCzR0hTQS12aDJnLTZjNHgtNWhtcM4AA04I
Path traversal and code execution via prototype vulnerabilityEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 10 months ago
Critical
Ecosystems: npm
Packages: wbe3
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnN3ctMnBmNy1teG0y
Malicious Package in wbe3Ecosystems: npm
Packages: wbe3
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: eslint-fixer
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1dzUtcHZyOC00cmg1
Command injection in eslint-fixerEcosystems: npm
Packages: eslint-fixer
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: safe-flat
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzcnYtbTJncC1tbTJy
Prototype pollution in safe-flatEcosystems: npm
Packages: safe-flat
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: priest-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlweDktZjdqdy1md2hq
Command Injection in priest-runnerEcosystems: npm
Packages: priest-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: picotts
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxN3EtNXY2ai14ZnY2
Command Injection in picottsEcosystems: npm
Packages: picotts
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: react-server-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3dnAteDVnai03NzNq
Malicious Package in react-server-nativeEcosystems: npm
Packages: react-server-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: dictum.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1amMtamY4Zi04NnE3
Malicious Package in dictum.jsEcosystems: npm
Packages: dictum.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: electorn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4aHgtMzU0Mi04Zmgz
Malicious code in `electorn`Ecosystems: npm
Packages: electorn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: loadyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1mYzItOTNwci1qZjky
Malicious code in `loadyaml`Ecosystems: npm
Packages: loadyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: gitblame
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNDg2LXJ2eGMtaHJyas4AAtxz
gitblame susceptible to command injectionEcosystems: npm
Packages: gitblame
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: fsevents
Source: GitHub Advisory Database
Blast Radius: 65.9
Published: 7 months ago
GSA_kwCzR0hTQS04cjZqLXY4cG0tZnF3M84AA2SB
Code injection in fseventsEcosystems: npm
Packages: fsevents
Source: GitHub Advisory Database
Blast Radius: 65.9
Published: 7 months ago
Critical
Ecosystems: npm
Packages: shvl
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcXdjLTN2aHctcWN2cc4AAnAr
shvl vulnerable to prototype pollutionEcosystems: npm
Packages: shvl
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: almost 2 years ago
Statistics
Advisories: 18,372
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
16
sequelize
16
ghost
14
tinymce
14
swagger-ui
14
next
13
joplin
13
strapi
13
ckeditor4
13
vm2
12
undici
12
handlebars
11
nodebb
11
angular
11
marked
11
@evershop/evershop
9
serve
9
tinymce/tinymce
9
TinyMCE
9
jquery
9
next-auth
9
org.webjars.npm:jquery
9
jquery-rails
9
matrix-js-sdk
8
tar
8
node-forge
8
systeminformation
8
steal
8
npm
8
jQuery
8
@strapi/strapi
8
bootstrap
8
validator
8
urijs
8
express-cart
8
editor.md
8
jsrsasign
8
url-parse
8
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
shescape
7
sanitize-html
7
matrix-appservice-irc
7
hapi
7
jquery-ui
7
nocodb
7
lodash
7
uptime-kuma
7
total.js
7
matrix-react-sdk
7
hermes-engine
7
snyk-broker
7
parse-url
6
safe-eval
6
rsshub
6
aaptjs
6
ua-parser-js
5
rendertron
5
vditor
5
keystone
5
sweetalert2
5
prismjs
5
dojo
5
openpgp
5
ejs
5
yarn
5
mongoose
5
public
5
xlsx
5
total4
5
vite
5
lodash-es
5
@strapi/plugin-users-permissions
5
mongo-express
4
vega
4
valine
4
glance
4
moment
4
apostrophe
4
dompurify
4
safer-eval
4
@keystone-6/core
4
@backstage/plugin-scaffolder-backend
4
meshcentral
4
simple-markdown
4
axios
4
hummus
4
muhammara
4
remarkable
4
katex
4
jsonwebtoken
4
qs
4
follow-redirects
4
ws
4
engine.io
4
materialize-css
4
convert-svg-core
4
apollo-server-core
4
realms-shim
4
fastify
4
ecstatic
4
auth0-lock
4
auth0-js
4
simple-git
4
mysql2
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
generator-jhipster
4
mermaid
4
@strapi/utils
3
typeorm
3
keycloak-connect
3
xmldom
3
locutus
3
m-server
3
apollo-server
3
@cubejs-backend/api-gateway
3
code-server
3
@sequelize/core
3
nodemailer
3
mysql
3
postcss
3
wrangler
3
node-opcua
3
slp-validate
3
feathers-sequelize
3
jspdf
3
dns-sync
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
mathjs
3
grunt
3
passport-wsfed-saml2
3
codecov
3
jointjs
3
node-jose
3
node-ipc
3
js-yaml
3
loader-utils
3
@backstage/techdocs-common
3
jquery-validation
3
n8n
3
object-path
3
protobufjs
3
http-live-simulator
3
notevil
3
ses
3
uap-core
3
socket.io-parser
3
froala-editor
3
docsify
3
tough-cookie
3
raneto
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
ids-enterprise
3
@materializecss/materialize
3
libxmljs
3
sails
3
parsel
3
@uppy/companion
3
@ckeditor/ckeditor5-markdown-gfm
3
nadesiko3
3
convict
3
bootstrap
3
dojox
3
blamer
3
simplehttpserver
3
buttle
3
slpjs
3
@commercial/subtext
3
serialize-to-js
3
lodash.defaultsdeep
3
browserify-shim
3
fast-xml-parser
3
socket.io-file
3
@vrite/sdk
3
jose
3
snyk
3
connect
3
mixme
3
@soketi/soketi
3
json-ptr
3
localhost-now
3
openmct
3
highcharts
3
@sveltejs/kit
3
fuxa-server
3
ftp-srv
3
xdLocalStorage
3
bin-links
3
node-fetch
3
@apollo/server
3
subtext
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/jquery/jquery
11
https://github.com/NodeBB/NodeBB
11
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/pandao/editor.md
8
https://github.com/digitalbazaar/forge
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/apollographql/apollo-server
8
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/nocodb/nocodb
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/louislam/uptime-kuma
7
https://github.com/twbs/bootstrap
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/lodash/lodash
7
https://github.com/npm/node-tar
6
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/facebook/hermes
6
https://github.com/jquery/jquery-ui
6
https://github.com/ionicabizau/parse-url
6
https://github.com/panva/jose
6
https://github.com/shenzhim/aaptjs
6
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vitejs/vite
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/vega/vega
5
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/angular/angular.js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/socketio/engine.io
4
https://github.com/KaTeX/KaTeX
4
https://github.com/axios/axios
4
https://github.com/PrismJS/prism
4
https://github.com/xCss/Valine
4
https://github.com/mrvautin/expressCart
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/balderdashy/sails
4
https://github.com/Dogfalo/materialize
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/auth0/lock
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/yarnpkg/yarn
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/hapijs/hapi
4
https://github.com/node-opcua/node-opcua
3
https://github.com/hapijs/subtext
3
https://github.com/transloadit/uppy
3
https://github.com/nodemailer/nodemailer
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/highcharts/highcharts
3
https://github.com/nodejs/llhttp
3
https://github.com/sveltejs/kit
3
https://github.com/immerjs/immer
3
https://github.com/beerpwn/CVE
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/libxmljs/libxmljs
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/moment/moment
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/n8n-io/n8n
3
https://github.com/nasa/openmct
3
https://github.com/neocotic/convert-svg
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/mermaid-js/mermaid
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/zeit/next.js
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/websockets/ws
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/webpack/loader-utils
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jarofghosts/glance
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/vriteio/vrite
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/vanessa219/vditor
3
https://github.com/Automattic/mongoose
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/xmldom/xmldom
3
https://github.com/typeorm/typeorm
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/shelljs/shelljs
2
https://github.com/mathjax/MathJax
2
https://github.com/jsuites/jsuites
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/josdejong/jsoneditor
2
https://github.com/mysqljs/mysql
2
https://github.com/cronvel/tree-kit
2
https://github.com/snyk/cli
2
https://github.com/karma-runner/karma
2
https://github.com/Finastra/ssr-pages
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/vivaxy/here
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/jameswlane/status-board
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mozilla/nunjucks
2
https://github.com/dfinity/agent-js
2
https://github.com/mithunsatheesh/node-rules
2