What is mqtt?
"A library for the MQTT protocol"
mqtt is used to facilitate high-performance Node.js workflows. It provides a robust footprint of 1.9 MB on disk.
Installation Guide
# Install via NPM
npm install mqtt
# Install via Yarn
yarn add mqtt
Version 5.15.0 • License MIT
One-Line Verdict
"Heavy install size detected. Review bloat risk."
Caution
Actively Maintained
2 CVE History
Historical vulnerabilities found.
1.9 MB
Heavy: 1.9 MB
1,673,691
Highly Trusted
Package Payload
16 Direct
Dependency Hell Risk: High chain complexity.
Cold-Start Impact
+28 ms
Estimated execution overhead on standard hardware.
Current Threat Level
Risk Detected
Our audit detected 2 active or historical security flags. Critical CVEs have been mapped to this library.
Accuracy Protocol
Scanned against OSV.dev (Google Open Source) databases. Last Deep-Scan: 2026.
Is mqtt too heavy? Compare it with these industry standards:
"A library for the MQTT protocol"
mqtt is used to facilitate high-performance Node.js workflows. It provides a robust footprint of 1.9 MB on disk.
# Install via NPM
npm install mqtt
# Install via Yarn
yarn add mqtt
You are currently viewing a proprietary security audit for mqtt on PAudit. We aggregate global databases to provide a safety rating of 65/100.
Run npm install mqtt. This installs version 5.15.0 and adds 16 direct dependencies to your project.
Yes, mqtt records 1,673,691 weekly downloads, making it a Highly Trusted part of the ecosystem.