JavaScript Vulnerabilities

Open-source JavaScript projects categorized as Vulnerabilities
Edit details
Security Audit HacktoberFest security-audit NodeJS
CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai
featured

Top 8 JavaScript Vulnerability Projects

Vulnerabilities

  1. Retire.js

    scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

    Project mention: Retire.js โ€“ Scanner for JavaScript Libraries | news.ycombinator.com | 2025-04-04

  2. Civic Auth

    Auth in Less Than 5 Minutes. Civic Auth comes with multiple SSO options, optional embedded wallets, and user management โ€” all implemented with just a few lines of code. Start building today.

    Civic Auth logo

  3. awesome-nodejs-security

    Awesome Node.js Security resources

    Project mention: Node.js Security | news.ycombinator.com | 2024-06-27

  4. pwndoc

    Pentest Report Generator

  5. is-website-vulnerable

    finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

  6. npq

    ๐ŸŽ–safely* install packages with npm or yarn by auditing them as part of your install process

    Project mention: Popular GitHub Action tj-actions/changed-files is compromised | news.ycombinator.com | 2025-03-14

  7. sandworm-audit

    Security & License Compliance For Your App's Dependencies ๐Ÿชฑ

  8. scan-action

    Anchore container analysis and scan provided as a GitHub Action

  9. InfluxDB

    InfluxDB high-performance time series database. Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.

    InfluxDB logo

  10. CVEAggregate

    Build a CVE library with aggregated CISA, EPSS and CVSS data

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

JavaScript Vulnerabilities discussion

Log in or Post with

JavaScript Vulnerabilities related posts

  • Retire.js โ€“ Scanner for JavaScript Libraries

    1 project | news.ycombinator.com | 4 Apr 2025

  • SQL Injection Isn't Dead Yet

    2 projects | dev.to | 15 Apr 2024

  • Best practices for effective attack surface analysis

    2 projects | dev.to | 19 Jul 2023

  • Tools Used to Test and Detect Application Security Vulnerabilities

    2 projects | dev.to | 23 Feb 2023

  • ๐Ÿ“ฆ Everything you need to know: package managers

    9 projects | dev.to | 2 Nov 2022

  • How useful is CVSS Score in CVE triage - The CVSS who cried wolf

    2 projects | /r/blueteamsec | 12 Aug 2022

  • ๐Ÿ›ก๏ธ Docker image security scan automation with GH issues

    1 project | dev.to | 23 Jun 2022
  • A note from our sponsor - CodeRabbit
    coderabbit.ai | 25 Apr 2025
    Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR. Learn more โ†’

Index

What are some of the best open-source Vulnerability projects in JavaScript? This list will help you:

# Project Stars
1 Retire.js 3,815
2 awesome-nodejs-security 2,803
3 pwndoc 2,490
4 is-website-vulnerable 1,962
5 npq 983
6 sandworm-audit 472
7 scan-action 237
8 CVEAggregate 27

Sponsored
Auth in Less Than 5 Minutes
Civic Auth comes with multiple SSO options, optional embedded wallets, and user management โ€” all implemented with just a few lines of code. Start building today.
www.civic.com

Did you know that JavaScript is
the 3rd most popular programming language
based on number of references?

Loading...