[✓] I have searched for similiar issues before filing this issue.
node version: v8.11.1
nsp: npm i -g nspnpm-check-updates module folder: cd [...]/.nvm/versions/node/v8.11.1/lib/node_modules/npm-check-updatesnsp check(+) No known vulnerabilities found
(+) 2 vulnerabilities found

Prototype pollution attack
More Info │ https://nodesecurity.io/advisories/566
nsp: npm i -g nspcd into the npm-check-updates module folder: cd [...]/.nvm/versions/node/v8.11.1/lib/node_modules/npm-check-updatesnsp checknpm audit reported 80 vulnerabilities with npm-check-updates v2.14.2 for me.
This is the output: audit.txt
I ran ncu -a on this repo and installed modules. Only three vulnerabilities came back and they were low priority. Why are the packages this repo uses so far out of date?
@NetOperatorWibby I have had to focus on other projects recently. Unfortunately nobody else has contributed in a long time. ncu has a lot of users, so hopefully someone will step up. It would help a lot of people.
@raineorshine I'm currently working on a fork and refactoring.
@NetOperatorWibby Wonderful. It would be so great to incorporate your changes back into the source.
@raineorshine Seems like people have been trying to help via PRs but nothing's merged.
@NetOperatorWibby A few PR's over the last 3 years. The unmerged PR's are either waiting for the v3 milestone or needed additional work.
I've abandoned my fork and started using https://www.npmjs.com/package/updates. It has less dependencies and similar usage. Still, npm-check-updates has served me well in the past, thanks for working on it.
Most helpful comment
@raineorshine I'm currently working on a fork and refactoring.