Real-time alerts for
vulnerable npm dependencies
Upload your package.json and get instant email or webhook alerts the moment a dependency receives a new CVE. Stay ahead of supply chain attacks.
No credit card required for 7-day trial. Cancel anytime.
CVE Database
Synced every hour
Instant Alerts
Email & webhooks
Multi-project
Unlimited package.json
Simple Pricing
Pro
$9
per month
- ✓ Unlimited package.json uploads
- ✓ Hourly CVE database sync
- ✓ Email & webhook alerts
- ✓ Dashboard for all projects
- ✓ 7-day free trial
FAQ
How does it detect vulnerabilities?
We sync with the GitHub Advisory Database and NVD every hour. When a new CVE matches a package version in your package.json, you're alerted immediately.
What alert channels are supported?
Email and webhooks (Slack, Discord, or any HTTP endpoint). Configure multiple channels per project from your dashboard.
Is my package.json data kept private?
Yes. Your files are stored encrypted and never shared. You can delete your data at any time from the dashboard.