risk 45/100 · moderate exploited in the wild

npm · everything (+ ~3000 sub-packages)

1 known advisory.

Risk score: 45/100

Transparent, additive — every input shown:

Worst severity: +20
Worst CVSS: +0
Exploited in the wild: +25
Exploit probability (EPSS): +0

Advisories

NPM-EVERYTHING-2024 — medium · exploited

Stateward checks every dependency on every pull request and flags everything (+ ~3000 sub-packages) only if your code actually reaches the vulnerable path.

Scan my repo

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.