DepKeep

OSS Support Hub / Web Framework

Node.js Web Framework MIT Latest: v4.22.2

Express

Fast, unopinionated, minimalist web framework for Node.js

npmGitHub
Health Metrics

Project Health at a Glance

Live data from GitHub and npm, updated daily.

69.4K+318
GitHub Stars
📦
v4.22.2
Latest Release · 1 months ago
🔄
67d
Avg. Release Cadence
🐛
216
Open Issues
📅
13 days ago
Last Commit
⬇️
109.2M
Weekly Downloads
🔒
5
Active CVEs

Data last fetched: 2026-06-29

Security

Known Vulnerabilities

5 active CVEs reported via OSV.dev

GHSA-cm5g-3pgc-8rg4 CVSS_V3

Express ressource injection

Published: 2024-10-29 Fixed in: 4.0.0-rc1
GHSA-gpvr-g6gh-9mc2 CVSS_V3

No Charset in Content-Type Header in express

Published: 2018-10-23 Fixed in: 3.11.0
GHSA-jj78-5fmv-mv28 CVSS_V3

Express Open Redirect vulnerability

Published: 2024-10-03 Fixed in: 4.0.0-rc1
GHSA-qw6h-vgh9-j6wx CVSS_V3

express vulnerable to XSS via response.redirect()

Published: 2024-09-10 Fixed in: 4.20.0
GHSA-rv95-896h-c2vc CVSS_V3

Express.js Open Redirect in malformed URLs

Published: 2024-03-25 Fixed in: 4.19.2
Ecosystem

Alternatives to Express

Other Web Framework projects in the Node.js ecosystem worth evaluating.

fastify koa hapi
Get Help

Support Options for Express

Enterprise Support via DepKeep

Get SLA-backed support, security patches, and direct access to senior engineers for Express — without relying on volunteer maintainers.

Talk to an Expert →

Community Channels

GitHub Discussions →Stack Overflow →