
npm
5,162,107 packages · npmjs.org
Moderate Security Advisories in npm
Moderate
over 1 year ago
zcap has incomplete expiration checks in capability chains.
npm
@digitalbazaar/zcap
Moderate
over 1 year ago
React Native Sms User Consent Intent Redirection Vulnerability
npm
@kyivstarteam/react-native-sms-user-consent
Moderate
over 1 year ago
PsiTransfer: Violation of the integrity of file distribution
npm
psitransfer
Moderate
over 1 year ago
Vite's `server.fs.deny` did not deny requests for patterns with directories.
npm
vite
Moderate
over 1 year ago
@workos-inc/authkit-nextjs session replay vulnerability
npm
@workos-inc/authkit-nextjs
Moderate
over 1 year ago
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes
packagist, nuget, npm
tinymce/tinymce, TinyMCE, tinymce
Moderate
over 1 year ago
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
nuget, npm, packagist
TinyMCE, tinymce, tinymce/tinymce
Moderate
over 1 year ago
KaTeX missing normalization of the protocol in URLs allows bypassing forbidden protocols
npm
katex
Moderate
over 1 year ago
Denial of service while parsing a tar file due to lack of folders count validation
npm
node-tar
Moderate
over 1 year ago
follow-redirects' Proxy-Authorization header kept across hosts
npm
follow-redirects
Moderate
over 1 year ago
URL Redirection to Untrusted Site in OAuth2/OpenID in directus
npm
directus
Moderate
over 1 year ago
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext
npm
jose, jose-node-esm-runtime, jose-node-cjs-runtime
Moderate
over 1 year ago
RSSHub Cross-site Scripting vulnerability caused by internal media proxy
npm
rsshub
Moderate
over 1 year ago
hexo-theme-anzhiyu Cross-site Scripting vulnerability
npm
hexo-theme-anzhiyu
Moderate
over 1 year ago
Cross-site Scripting in Serenity
npm, nuget
@serenity-is/corelib, Serenity.Net.Core
Moderate
over 1 year ago
CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview feature
npm
ckeditor4
Moderate
over 1 year ago
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
npm
ckeditor4
Moderate
over 1 year ago
Stimulsoft Dashboard.JS Cross Site Scripting vulnerability
npm
stimulsoft-dashboards-js
Moderate
over 1 year ago
Stimulsoft Dashboard.JS Cross Site Scripting vulnerability
npm
stimulsoft-dashboards-js
Moderate
over 1 year ago
Zmarkdown Server-Side Request Forgery (SSRF) in remark-download-images
npm
remark-images-download
Moderate
over 1 year ago
Dash apps vulnerable to Cross-site Scripting
npm, pypi
dash-html-components, dash, dash-core-components
Moderate
over 1 year ago
nodemailer ReDoS when trying to send a specially crafted email
npm
nodemailer
Moderate
over 1 year ago
@lobehub/chat vulnerable to unauthorized access to plugins
npm
@lobehub/chat
Moderate
over 1 year ago
Prototype pollution not blocked by object-path related utilities in hoolock
npm
hoolock
Moderate
over 1 year ago
Default swagger-ui configuration exposes all files in the module
npm
@fastify/swagger-ui
Moderate
over 1 year ago
react-native-mmkv Insertion of Sensitive Information into Log File vulnerability
npm
react-native-mmkv
Moderate
over 1 year ago
@fastify/reply-from JSON Content-Type parsing confusion
npm
@fastify/reply-from
Moderate
over 1 year ago
Follow Redirects improperly handles URLs in the url.parse() function
npm
follow-redirects
Moderate
almost 2 years ago
OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4
npm
@openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Moderate
almost 2 years ago
Vite XSS vulnerability in `server.transformIndexHtml` via URL payload
npm
vite
Moderate
almost 2 years ago
Logging of the firestore key within nodejs-firestore
npm
@google-cloud/firestore
Moderate
almost 2 years ago
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity
npm
@adobe/css-tools
Moderate
almost 2 years ago
Uptime Kuma Authenticated remote code execution via TailscalePing
npm
uptime-kuma
Moderate
almost 2 years ago
Attribute Injection leading to XSS(Cross-Site-Scripting)
npm
uptime-kuma
Moderate
almost 2 years ago
Bypass of field access control in strapi-plugin-protected-populate
npm
strapi-plugin-protected-populate
Moderate
almost 2 years ago
@vendure/core's insecure currencyCode handling allows wrong payment amounts
npm
@vendure/core
Moderate
almost 2 years ago
TinyMCE vulnerable to mutation Cross-site Scripting via special characters in unescaped text nodes
nuget, packagist, npm
TinyMCE, tinymce/tinymce, tinymce
Moderate
almost 2 years ago
Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint
npm
@sentry/nextjs
Moderate
almost 2 years ago
NASA Open MCT Cross Site Request Forgery (CSRF) vulnerability
npm
openmct
Moderate
almost 2 years ago
cordova-plugin-fingerprint-aio DoS vulnerability
npm
cordova-plugin-fingerprint-aio
Moderate
almost 2 years ago
TinyMCE XSS vulnerability in notificationManager.open API
packagist, nuget, npm
tinymce/tinymce, TinyMCE, tinymce
Moderate
almost 2 years ago
TinyMCE mXSS vulnerability in undo/redo, getContent API, resetContent API, and Autosave plugin
packagist, nuget, npm
tinymce/tinymce, TinyMCE, tinymce
Moderate
almost 2 years ago
React Developer Tools extension Improper Authorization vulnerability
npm
react-devtools-core
Moderate
almost 2 years ago
Allocation of Resources Without Limits or Throttling in vriteio/vrite
npm
@vrite/sdk
Moderate
almost 2 years ago
Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation
npm
@graphql-mesh/runtime
Moderate
about 2 years ago
blamer vulnerable to Arbitrary Argument Injection via the blameByFile() API
npm
blamer