I haven't researched the JS options in this space yet either, but if anyone reading is looking for something like this for PHP, there is Roave Security Advisories — https://github.com/Roave/SecurityAdvisories
Add it to your composer.json and it will simply conflict with all lib versions with known vulnerabilities.