Is node-tesseract-ocr safe to use?

node-tesseract-ocr has 1 known vulnerabilities on the latest version (2.2.1). DepScope rates its health at 40/100 (high risk).

What is the latest version of node-tesseract-ocr?

The latest version of node-tesseract-ocr is 2.2.1, released 2021-05-11.

Does node-tesseract-ocr have known vulnerabilities?

Yes. node-tesseract-ocr has 1 known vulnerabilities. See depscope.dev/pkg/npm/node-tesseract-ocr for details.

Is node-tesseract-ocr deprecated?

No, node-tesseract-ocr is actively maintained. Latest release: 2.2.1 (2021-05-11).

What are alternatives to node-tesseract-ocr?

Popular alternatives to node-tesseract-ocr in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does node-tesseract-ocr use?

node-tesseract-ocr is licensed under MIT.

node-tesseract-ocr

npmv2.2.1

A Node.js wrapper for the Tesseract OCR API

License MITpermissive7 versions1 maintainers0 deps110,867 weekly dl

zapolnoch/node-tesseract-ocr

/ 100

Health

do not use

node-tesseract-ocr has critical vulnerabilities — do not use

Moderate health score (40/100) — verify manually
1 critical vulnerabilities

Health breakdown0 – 100

0/25

maintenance

14/20

popularity

15/25

security

12/15

maturity

4/15

community

0/15

popularity_floor

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2026-26832	node-tesseract-ocr is vulnerable to OS Command Injection through unsanitized recognize() function parameter	—

Bundle & TypeScript

🌟

TypeScript

10/10typed

bundled

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/node-tesseract-ocr