Vulnerability Intelligence

npm package security at a glance

Live OSV advisories, affected version ranges, fix targets, and weekly download stats for any npm package — no account required.

5 000+

npm packages tracked

OSV.dev

advisory source

Live

real-time data

Most downloaded packages

Highest weekly download counts on npm

semver

npm · osv.dev

ansi-styles

npm · osv.dev

debug

npm · osv.dev

chalk

npm · osv.dev

minimatch

npm · osv.dev

supports-color

npm · osv.dev

strip-ansi

npm · osv.dev

ms

npm · osv.dev

ansi-regex

npm · osv.dev

string-width

npm · osv.dev

tslib

npm · osv.dev

brace-expansion

npm · osv.dev

More packages

High-impact open source packages

lru-cache wrap-ansi emoji-regex glob commander color-convert color-name type-fest source-map has-flag readable-stream escape-string-regexp p-locate locate-path picomatch uuid p-limit find-up safe-buffer ajv yallist is-fullwidth-code-point minipass glob-parent isarray json-schema-traverse signal-exit string_decoder js-yaml which eslint-visitor-keys telecom-mas-agent yargs-parser argparse iconv-lite @types/node acorn globals yargs resolve pretty-format get-stream resolve-from ws path-key ignore fs-extra mime-db

How it works

1

Look up any package

Enter any npm package name. We fetch live data from the npm registry and OSV.dev.

2

Review advisories

See every known advisory with severity, affected ranges, fixed versions, and source links.

3

Mitigate runtime risk

While you patch, protect exposed API and web flows with RequestGuard allow/block decisions.