Moderate 10,435 High 8,219 Critical 3,376 Low 1,521

maven 6,724 packagist 5,241 pypi 4,822 npm 4,300 go 2,825 nuget 1,533 cargo 1,087 rubygems 896 actions 38 hex 38 swift 33 pub 9

directus 39 parse-server 33 next 29 electron 28 flowise 23 @openzeppelin/contracts-upgradeable 21 @openzeppelin/contracts 21 ghost 16 sequelize 16 tinymce 16 vite 15 undici 15 ckeditor4 15 swagger-ui 14 joplin 14 angular 14 nodebb 14 strapi 13 vm2 12 marked 12 matrix-js-sdk 12 TinyMCE 11 nocodb 11 handlebars 11 tinymce/tinymce 10 n8n 10 uptime-kuma 9 serve 9 next-auth 9 matrix-react-sdk 9 systeminformation 9 matrix-appservice-irc 9 @strapi/strapi 9 @evershop/evershop 9 npm 8 sanitize-html 8 @anthropic-ai/claude-code 8 node-forge 8 @directus/api 8 @haxtheweb/haxcms-nodejs 8 elliptic 8 dompurify 8 jsrsasign 8 urijs 8 shescape 8 editor.md 8 validator 8 url-parse 8 steal 8 express-cart 8 tar 7 total.js 7 mongoose 7 hermes-engine 7 vega 7 hapi 7 axios 7 @lobehub/chat 7 snyk-broker 7 mermaid 7 bootstrap 6 @strapi/plugin-users-permissions 6 mattermost-desktop 6 org.webjars.npm:jquery-ui 6 safe-eval 6 jquery-ui 6 aaptjs 6 @sveltejs/kit 6 hono 6 parse-url 6 tarteaucitronjs 6 jQuery.UI.Combined 6 rsshub 6 prismjs 6 openpgp 6 fastify 5 aws-cdk-lib 5 keystone 5 total4 5 bootstrap-sass 5 ws 5 @backstage/plugin-scaffolder-backend 5 bootstrap 5 public 5 sweetalert2 5 jquery 5 rendertron 5 vditor 5 passport-wsfed-saml2 5 xlsx 5 better-auth 5 jspdf 5 astro 5 nuxt 5 ua-parser-js 5 froala-editor 5 katex 5 express 5 @keystone-6/core 5 yarn 5 trix 5 @saltcorn/server 5 twbs/bootstrap 5 org.webjars:bootstrap 5 mysql2 5 ejs 5 dojo 5 glance 4 moment 4 @finos/git-proxy 4 valine 4 safer-eval 4 pnpm 4 materialize-css 4 payload 4 apollo-server-core 4 follow-redirects 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 awsiotsdk 4 @intlify/vue-i18n-core 4 erxes 4 @node-saml/node-saml 4 fast-xml-parser 4 convert-svg-core 4 code-server 4 @apollo/gateway 4 bootstrap 4 remarkable 4 petite-vue-i18n 4 auth0-lock 4 muhammara 4 jsonwebtoken 4 apostrophe 4 auth0-js 4 mongo-express 4 engine.io 4 hummus 4 xml-crypto 4 ses 4 yui 4 meshcentral 4 multer 4 simple-markdown 4 qs 4 bootstrap-sass 4 mongosh 4 aws-iot-device-sdk-v2 4 jquery-validation 4 jQuery 4 simple-git 4 realms-shim 4 snyk 4 generator-jhipster 4 vue-i18n 4 ecstatic 4 @auth0/nextjs-auth0 4 vega-functions 4 tar-fs 4 wrangler 3 jquery-ui-rails 3 yapi-vendor 3 connect 3 codecov 3 xdLocalStorage 3 highcharts 3 stimulsoft-dashboards-js 3 llhttp 3 @intlify/core 3 localhost-now 3 @soketi/soketi 3 @backstage/techdocs-common 3 @strapi/utils 3 @strapi/admin 3 ftp-srv 3 socket.io-file 3 node-red-dashboard 3 json-pointer 3 uap-core 3 serialize-javascript 3 bootstrap.sass 3 libxmljs 3 socket.io 3 locutus 3 @cubejs-backend/api-gateway 3 dojox 3 parsel 3 mcp-markdownify-server 3 @janhq/core 3 jointjs 3 slp-validate 3 webpack-dev-server 3 nodemailer 3 simplehttpserver 3 mysql 3 immer 3 ids-enterprise 3 @apollo/server 3 http-live-simulator 3 @commercial/subtext 3 @frangoteam/fuxa 3

https://github.com/apostrophecms/sanitize-html 6 https://github.com/punkave/sanitize-html 2