npmjs
Security Risk Profile
Security Risk Score
Comprehensive risk assessment based on 16 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from July 2, 2016 to present
Threat Assessment
Severity Distribution
Exploit Likelihood
Age Distribution
Common Weaknesses (CWE)
Most Affected Products
Recent Vulnerabilities
See more →npm packing does not respect root-level ignore files in workspaces
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
Regular Expression Denial of Service (ReDoS)
Regular Expression Denial of Service (ReDoS)
Monitor npmjs in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.