Moderate 10,136 High 8,068 Critical 3,319 Low 1,453

npm 1,010 maven 961 packagist 593 pypi 512 go 320 cargo 165 rubygems 121 nuget 70 actions 6 hex 5 swift 2

vm2 10 sequelize 7 parse-server 7 aaptjs 6 safe-eval 5 steal 5 nodebb 5 swagger-ui 4 mongoose 4 realms-shim 4 safer-eval 4 hermes-engine 4 xml-crypto 3 slpjs 3 slp-validate 3 jsrsasign 3 browserify-shim 3 strapi 3 feathers-sequelize 3 handlebars 3 @openzeppelin/contracts-upgradeable 3 dompurify 2 ghost 2 joplin 2 set-in 2 @node-saml/node-saml 2 flowise 2 typeorm 2 json-serializer 2 pidusage 2 js-data 2 nuxt 2 mathjs 2 bestzip 2 hellojs 2 flatmap-stream 2 giting 2 mysql2 2 libnested 2 traceroute 2 libxmljs2 2 ses 2 parsel 2 ejs 2 better-auth 2 llhttp 2 libxmljs 2 @evershop/evershop 2 @janhq/core 2 total.js 2 xmlhttprequest-ssl 2 electron 2 shell-quote 2 @sequelize/core 2 dns-sync 2 @soketi/soketi 2 nadesiko3 2 mongodb-query-parser 2 async-git 2 @openzeppelin/contracts 2 @keystone-6/core 2 tenvoy 2 total4 2 pbkdf2 2 yeoman-genrator 2 url-parse 2 parse-url 2 locutus 2 eslint-config-eslint 2 js-shc3 1 vconsole 1 litespeed.js 1 create-choo-electron 1 putil-merge 1 printer 1 arsenic-tabasco-cyborg-peanut-butter 1 an0n-chat-lib 1 bitcion-ops 1 logsymbles 1 aws-lambda 1 whois 1 ali-contributor 1 xmldom 1 webpack 1 jquerz 1 launchpad 1 memjs 1 swiper 1 uglify-js 1 djv 1 safe-flat 1 buffe2-xor 1 hsf-clients 1 mockery 1 sparkies 1 @dfinity/identity 1 deep-defaults 1 priest-runner 1 merge-change 1 js-sha7 1 coa 1 fast-requests 1 buffev-xor 1 ini-parser 1 ts-process-promises 1 @nestjs/devtools-integration 1 sandbox 1 bip30 1 bpi66 1 stimulsoft-dashboards-js 1 cxt 1 freediskspace 1 dset 1 dynamo-schema 1 mixin-deep 1 org.webjars.npm:handlebars 1 adb-driver 1 babel-traverse 1 keyget 1 body-parse-xml 1 push-dir 1 chak 1 curlrequest 1 Rambox 1 nats 1 agnai 1 dictum.js 1 hdeky 1 nodebatis 1 motiv.scss 1 leetlog 1 bmap 1 buffer-xoz 1 aurelia-path 1 bitcoimjs-lib 1 doc-path 1 log-symboles 1 eslint-scope 1 hs-sha3 1 changeset 1 fuffer-xor 1 set-deep-prop 1 @valtimo/components 1 gedi 1 windows-cpu 1 geoheat 1 constantinople 1 loadyaml 1 jsonata 1 pouchdb 1 eact 1 reequest 1 bufger-xor 1 npos-tesseract 1 bitcionjs 1 just-extend 1 tiar 1 npm-groovy-lint 1 dhkey 1 evil-package 1 jqeury 1 crpyto-js 1 taylored 1 valine 1 gitlog 1 bignum 1 plotter 1 md-to-pdf 1 crytpo-js 1 set-or-get 1 passport-cognito 1 js-3ha3 1 requets 1 org.webjars.bowergithub.wycats:handlebars.js 1 buvfer-xor 1 chrome-launcher 1 gitlabhook 1 foever 1 fuxa-server 1 closure-compiler-stream 1 tree-kit 1 tauri-plugin-shell 1 asnyc 1 bufner-xor 1 wifey 1 froever 1 pomelo-monitor 1 deep-extend 1 heroku-env 1 bqffer-xor 1 node-mpv 1 bp66 1 node-windows 1 buffer-xkr 1 wallet-address-vaildator 1 ruffer-xor 1 buttercms 1 soket.js 1 pensi-scheduler 1 lighter-vm 1

https://github.com/patriksimek/vm2 10 https://github.com/parse-community/parse-server 7 https://github.com/sequelize/sequelize 7 https://github.com/shenzhim/aaptjs 6 https://github.com/hacksparrow/safe-eval 5 https://github.com/NodeBB/NodeBB 5 https://github.com/stealjs/steal 5 https://github.com/swagger-api/swagger-ui 4 https://github.com/dwisiswant0/advisory 3 https://github.com/kjur/jsrsasign 3 https://github.com/node-saml/xml-crypto 3 https://github.com/facebook/hermes 3 https://github.com/simpleledger/slpjs 3 https://github.com/thlorenz/browserify-shim 3 https://github.com/strapi/strapi 3 https://github.com/feathersjs-ecosystem/feathers-sequelize 3 https://github.com/Automattic/mongoose 3 https://github.com/browserify/pbkdf2 2 https://github.com/node-saml/node-saml 2 https://github.com/ionicabizau/parse-url 2 https://github.com/dominictarr/event-stream 2 https://github.com/dominictarr/libnested 2 https://github.com/TogaTech/tEnvoy 2 https://github.com/better-auth/better-auth 2 https://github.com/nuxt/nuxt 2 https://github.com/totaljs/framework 2 https://github.com/dfinity/agent-js 2 https://github.com/kujirahand/nadesiko3 2 https://github.com/Agoric/realms-shim 2 https://github.com/MrSwitch/hello.js 2 https://github.com/nodejs/llhttp 2 https://github.com/HackAllSec/CVEs 2 https://github.com/sidorares/node-mysql2 2 https://github.com/cure53/DOMPurify 2 https://github.com/commenthol/safer-eval 2 https://github.com/soketi/soketi 2 https://github.com/simpleledger/slp-validate.js 2 https://github.com/skoranga/node-dns-sync 2 https://github.com/handlebars-lang/handlebars.js 2 https://github.com/js-data/js-data 2 https://github.com/josdejong/mathjs 2 https://github.com/FlowiseAI/Flowise 2 https://github.com/evershopcommerce/evershop 2 https://github.com/libxmljs/libxmljs 2 https://github.com/unshiftio/url-parse 2 https://github.com/keystonejs/keystone 2 https://github.com/omrilotan/async-git 2 https://github.com/jaw187/node-traceroute 2 https://github.com/ahdinosaur/set-in 2 https://github.com/OpenZeppelin/openzeppelin-contracts 2 https://github.com/marudor/libxmljs2 2 https://github.com/laurent22/joplin 2 https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable 2 https://github.com/koajs/koa 1 https://github.com/facebook/nuclide 1 https://github.com/fagbokforlaget/pdfinfojs 1 https://github.com/fastify/fastify-reply-from 1 https://github.com/kooinam/awesome_react_utility 1 https://github.com/feross/git-pull-or-clone 1 https://github.com/korzio/djv 1 https://github.com/halfblood369/monitor 1 https://github.com/guybedford/devcert 1 https://github.com/fex-team/kityminder 1 https://github.com/FireBlinkLTD/object-collider 1 https://github.com/flitto/express-param 1 https://github.com/GoogleChrome/chrome-launcher 1 https://github.com/github/hubot-scripts 1 https://github.com/form-data/form-data 1 https://github.com/krzysztof-o/spritesheet.js 1 https://github.com/kriszyp/json-schema 1 https://github.com/formio/enterprise-release 1 https://github.com/fortruce/node-ps 1 https://github.com/gilbitron/Raneto 1 https://github.com/genieacs/genieacs 1 https://github.com/FredrikNoren/ungit 1 https://github.com/geelen/mcp-remote 1 https://github.com/garimpeiro-it/node-key-sender 1 https://github.com/FurqanSoftware/node-whois 1 https://github.com/jamiller619/blingjs 1 https://github.com/jamiller619/freshdom 1 https://github.com/janbialostok/deep-assign 1 https://github.com/jarradseers/config-handler 1 https://github.com/jashkenas/underscore 1 https://github.com/jesec/flood 1 https://github.com/jessie-codes/safe-flat 1 https://github.com/jgraph/mxgraph 1 https://github.com/jhipster/jhipster-kotlin 1 https://github.com/j-holub/Node-MPV 1 https://github.com/jonschlinkert/git-add-remote 1 https://github.com/jonschlinkert/merge-deep 1 https://github.com/jonschlinkert/mixin-deep 1 https://github.com/jonschlinkert/set-value 1 https://github.com/jprichardson/field 1 https://github.com/jquense/expr 1 https://github.com/jsonata-js/jsonata 1 https://github.com/JSONPath-Plus/JSONPath 1 https://github.com/jsreport/jsreport 1 https://github.com/justmoon/node-bignum 1 https://github.com/jwadhams/json-logic-js 1 https://github.com/karma-runner/grunt-karma 1 https://github.com/kellyselden/git-diff-apply 1 https://github.com/frenchbread/private-ip 1 https://github.com/handsontable/formula-parser 1 https://github.com/hapijs/bassmaster 1 https://github.com/hapijs/cryptiles 1 https://github.com/HashBrownCMS/hashbrown-cms 1 https://github.com/haxtheweb/issues 1 https://github.com/klaemo/deep-set 1 https://github.com/hiddentao/squel 1 https://github.com/hiproxy/open-browser 1 https://github.com/hokaccha/node-jwt-simple 1 https://github.com/hoperyy/get-npm-package-version 1 https://github.com/hughsk/flat 1 https://github.com/immerjs/immer 1 https://github.com/indexzero/morgan-json 1 https://github.com/indutny/elliptic 1 https://github.com/inikulin/replicator 1 https://github.com/ioBroker/ioBroker.admin 1 https://github.com/IonicaBizau/set-or-get.js 1 https://github.com/ipfs/aegir 1 https://github.com/irisnet/irisnet-crypto 1 https://github.com/Irrelon/irrelon-path 1 https://github.com/iximiuz/node-diskusage-ng 1 https://github.com/izatop/bunt 1 https://github.com/atlassian/moo 1 https://github.com/aurelia/path 1 https://github.com/auth0/node-jsonwebtoken 1 https://github.com/auth0/passport-wsfed-saml2 1 https://github.com/automattic/mongoose 1 https://github.com/autovance/ftp-srv 1 https://github.com/aws-amplify/amplify-cli 1 https://github.com/awspilot/cli-lambda-deploy 1 https://github.com/babel/babel 1 https://github.com/babel/babel-loader 1 https://github.com/balderdashy/sails 1 https://github.com/barneycarroll/npm-dependency-versions 1 https://github.com/bcoin-org/bcoin 1 https://github.com/beerpwn/CVE 1 https://github.com/bentruyman/pulverizr 1 https://github.com/bi-a/mydatepicker 1 https://github.com/bi-a/mydaterangepicker 1 https://github.com/bigpipe/predefine 1 https://github.com/bitovi/launchpad 1 https://github.com/bkimminich/juice-shop 1 https://github.com/Blackprint/engine-js 1 https://github.com/blitz-js/superjson 1 https://github.com/bozuko/codify 1 https://github.com/brix/crypto-js 1 https://bitbucket.org/xi/libyaml 1 https://github.com/1000ch/install-package 1 https://github.com/acrontum/filesystem-template 1 https://github.com/adaltas/node-mixme 1 https://github.com/adonespitogo/angular-base64-upload 1 https://github.com/AEB-labs/cruddl 1 https://github.com/agnaistic/agnai 1 https://github.com/aheckmann/gm 1 https://github.com/algolia/algoliasearch-helper-js 1 https://github.com/ali-security/mongoose 1 https://github.com/amireh/karma-mojo 1 https://github.com/andrewimm/xopen 1 https://github.com/andrewjstone/dynamo-schema 1 https://github.com/AndriiHeonia/hull 1 https://github.com/angus-c/just 1 https://github.com/AnneTheDev/nobelprize 1 https://github.com/apostrophecms/apostrophe 1 https://github.com/appium/appium-desktop 1 https://github.com/appLhui/mock2easy 1 https://github.com/appwrite/appwrite 1 https://github.com/arc53/DocsGPT 1 https://github.com/ASaiAnudeep/deep-override 1 https://github.com/asyncapi/modelina 1 https://github.com/Atinux/schema-inspector 1 https://github.com/Budibase/budibase 1 https://github.com/dojo/dojox 1 https://github.com/domharrington/node-gitlog 1 https://github.com/dominictarr/rc 1 https://github.com/doowb/expand-hash 1 https://github.com/doowb/set-getter 1 https://github.com/dottgonzo/node-promise-probe 1 https://github.com/driverdan/node-XMLHttpRequest 1 https://github.com/dwyl/hapi-auth-jwt2 1 https://github.com/eclipse-theia/theia 1 https://github.com/eflexsystems/node-samba-client 1 https://github.com/eggjs/egg-scripts 1 https://github.com/Ekultek/CVE-2019-17625 1 https://github.com/electerm/electerm 1 https://github.com/electron/electron 1 https://github.com/endojs/endo 1 https://github.com/entronad/crypto-es 1 https://github.com/ericcornelissen/shescape 1 https://github.com/eslint/eslint-scope 1 https://github.com/espadrine/localeval 1 https://github.com/ether/etherpad-lite 1 https://github.com/ethereum/web3.js 1 https://github.com/eugeneware/changeset 1 https://github.com/evangelion1204/multi-ini 1 https://github.com/eventsource/eventsource 1 https://github.com/builderio/qwik 1 https://github.com/ButterCMS/buttercms-js 1