Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-43fc-jf86-j433
  • npm/axios
 Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig 5 hours ago
  • Fix available
  • Severity - 7.5 (High)
MAL-2026-821
  • npm/jwtdotenv
 Malicious code in jwtdotenv (npm) 5 hours ago
  • No fix available
MAL-2026-819
  • npm/json-mapping-sources
 Malicious code in json-mapping-sources (npm) 6 hours ago
  • No fix available
MAL-2026-820
  • npm/json-web-sources
 Malicious code in json-web-sources (npm) 6 hours ago
  • No fix available
MAL-2026-822
  • npm/react-svg-handler
 Malicious code in react-svg-handler (npm) 6 hours ago
  • No fix available
MAL-2026-816
  • npm/@skyeng/libs
 Malicious code in @skyeng/libs (npm) 8 hours ago
  • No fix available
GHSA-xx9g-fh25-4q64
  • npm/@adonisjs/bodyparser
 AdonisJS vulnerable to Denial of Service (DoS) via Unrestricted Memory Buffering in PartHandler during File Type Detection 3 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-f5x2-vj4h-vg4c
  • npm/@adonisjs/bodyparser
 AdonisJS multipart body parsing has Prototype Pollution issue 3 days ago
  • Fix available
  • Severity - 7.2 (High)
GHSA-ff64-7w26-62rf
  • npm/@anthropic-ai/claude-code
 Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json 3 days ago
  • Fix available
  • Severity - 7.7 (High)
GHSA-4q92-rfm6-2cqx
  • npm/@anthropic-ai/claude-code
 Claude Code has Permission Deny Bypass Through Symbolic Links 3 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-mhg7-666j-cqg4
  • npm/@anthropic-ai/claude-code
 Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions 3 days ago
  • Fix available
  • Severity - 7.7 (High)
GHSA-66q4-vfjg-2qhh
  • npm/@anthropic-ai/claude-code
 Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection 3 days ago
  • Fix available
  • Severity - 7.7 (High)
GHSA-m4w9-gch5-c2g4
  • npm/client-certificate-auth
 client-certificate-auth Vulnerable to Open Redirect via Host Header Injection in HTTP-to-HTTPS redirect 3 days ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-25fq-6qgg-qpj8
  • npm/sceditor
 SCEditor has DOM XSS via emoticon URL/HTML injection 3 days ago
  • Fix available
  • Severity - 5.4 (Medium)
MAL-2026-806
  • npm/web3-chain-sinon
 Malicious code in web3-chain-sinon (npm) 3 days ago
  • No fix available
MAL-2026-807
  • npm/web3-sinon
 Malicious code in web3-sinon (npm) 3 days ago
  • No fix available
Load more...