Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • C
Malicious Package
Affects xml2js-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects firestore-types | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects huggingface-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects pinecone-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects passport-google-auth-token | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects luxon-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects auth-types | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects experimental-utils | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects milvus-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects simple-string-utils3 | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects analytics-browser | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects immer-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects body-parser-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects terser-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • C
Malicious Package
Affects pako-js | Versions *
No fix available
npmPublished 12 Jan 2026
  • M
Cross-site Scripting (XSS)
Affects @haxtheweb/haxcms-nodejs | Versions <25.0.0
Has fix
npmPublished 11 Jan 2026
  • H
Inclusion of Sensitive Information in Source Code
Affects shakapacker | Versions <9.5.0
Has fix
npmPublished 11 Jan 2026
  • H
Directory Traversal
Affects fast-filesystem-mcp | Versions *
No fix available
npmPublished 11 Jan 2026
  • H
Incorrect Authorization
Affects ghost | Versions >=5.121.0 <5.130.6>=6.0.0 <6.11.0
Has fix
npmPublished 11 Jan 2026
  • H
Missing Critical Step in Authentication
Affects ghost | Versions >=5.105.0 <5.130.6>=6.0.0 <6.11.0
Has fix
npmPublished 11 Jan 2026
  • H
SQL Injection
Affects ghost | Versions >=5.90.0 <5.130.6>=6.0.0 <6.11.0
Has fix
npmPublished 9 Jan 2026
  • H
Cross-site Scripting (XSS)
Affects @angular/compiler | Versions <19.2.18>=20.0.0-next.0 <20.3.16>=21.0.0-next.0 <21.0.7>=21.1.0-next.0 <21.1.0-rc.0
Has fix
npmPublished 9 Jan 2026
  • H
Cross-site Scripting (XSS)
Affects @angular/core | Versions <19.2.18>=20.0.0-next.0 <20.3.16>=21.0.0-next.0 <21.0.7>=21.1.0-next.0 <21.1.0-rc.0
Has fix
npmPublished 9 Jan 2026
  • H
Directory Traversal
Affects @react-router/node | Versions >=7.0.0 <7.9.4
Has fix
npmPublished 9 Jan 2026
  • H
Directory Traversal
Affects @remix-run/deno | Versions <2.17.2
Has fix
npmPublished 9 Jan 2026
  • H
Directory Traversal
Affects @remix-run/node | Versions <2.17.2
Has fix
npmPublished 9 Jan 2026
  • H
Cross-site Scripting (XSS)
Affects react-router | Versions >=7.0.0 <7.12.0
Has fix
npmPublished 9 Jan 2026
  • H
Cross-site Scripting (XSS)
Affects @remix-run/router | Versions <1.23.2
Has fix
npmPublished 9 Jan 2026
  • M
Cross-site Request Forgery (CSRF)
Affects react-router | Versions >=7.0.0 <7.12.0
Has fix
npmPublished 9 Jan 2026
  • M
Cross-site Request Forgery (CSRF)
Affects @remix-run/server-runtime | Versions <2.17.3
Has fix
npmPublished 9 Jan 2026