Is node-tesseract-ocr safe to use?

node-tesseract-ocr has 1 known vulnerabilities on the latest version (2.2.1). DepScope rates its health at 29/100 (critical risk).

What is the latest version of node-tesseract-ocr?

The latest version of node-tesseract-ocr is 2.2.1, released 2021-05-11.

Does node-tesseract-ocr have known vulnerabilities?

Yes. node-tesseract-ocr has 1 known vulnerabilities. See depscope.dev/pkg/npm/node-tesseract-ocr for details.

Is node-tesseract-ocr deprecated?

No, node-tesseract-ocr is actively maintained. Latest release: 2.2.1 (2021-05-11).

What are alternatives to node-tesseract-ocr?

Popular alternatives to node-tesseract-ocr in npm include: minimatch, commander, eslint-visitor-keys, ajv, color-name.

What license does node-tesseract-ocr use?

node-tesseract-ocr is licensed under MIT.

node-tesseract-ocr

npmv2.2.1

A Node.js wrapper for the Tesseract OCR API

License MITpermissive7 versions1 maintainers0 deps

git://github.com/zapolnoch/node-tesseract-ocr

/ 100

Health

do not use

node-tesseract-ocr has critical vulnerabilities — do not use

Low health score (29/100)
1 critical vulnerabilities

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

15/25

security

12/15

maturity

2/15

community

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2026-26832	node-tesseract-ocr is vulnerable to OS Command Injection through unsanitized recognize() function parameter	—

Bundle & TypeScript

📦

Bundle Size

1.1 KBminified

0.7 KB gzipped

0 direct dependencies

side effects

🌟

TypeScript

10/10typed

bundled

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/node-tesseract-ocr