Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-wrrr-8jcv-wjf5
  • npm/@lobehub/chat
 LobeHub Vulnerable to Improper Authorization in Presigned Upload 7 hours ago
  • Fix available
  • Severity - 5.7 (Medium)
MAL-2026-617
  • npm/roots-cms-client
 Malicious code in roots-cms-client (npm) yesterday
  • No fix available
MAL-2026-616
  • npm/c11dff444
 Malicious code in c11dff444 (npm) yesterday
  • No fix available
MAL-2026-615
  • npm/teaser-nav
 Malicious code in teaser-nav (npm) yesterday
  • No fix available
MAL-2026-612
  • npm/sharedclasses
 Malicious code in sharedclasses (npm) 2 days ago
  • No fix available
MAL-2026-611
  • npm/mbo-letters-cl
 Malicious code in mbo-letters-cl (npm) 2 days ago
  • No fix available
GHSA-gch2-phqh-fg9q
  • npm/@orval/core
 Orval has Code Injection via unsanitized x-enum-descriptions using JS comments 2 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-37qj-frw5-hhjh
  • npm/fast-xml-parser
 fast-xml-parser has RangeError DoS Numeric Entities Bug 2 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-6f65-4fv2-wwch
  • npm/@vendure/core
 Vendure vulnerable to timing attack that enables user enumeration in NativeAuthenticationStrategy 2 days ago
  • Fix available
  • Severity - 2.7 (Low)
MAL-2026-609
  • npm/euskalplantxa
 Malicious code in euskalplantxa (npm) 2 days ago
  • No fix available
MAL-2026-608
  • npm/ezviz-shop-mall
 Malicious code in ezviz-shop-mall (npm) 2 days ago
  • No fix available
MAL-2026-607
  • npm/banquet-runtime-modules
 Malicious code in banquet-runtime-modules (npm) 2 days ago
  • No fix available
GHSA-2733-6c58-pf27
  • npm/deephas
 deepHas vulnerable to Prototype Pollution via constructor.prototype 3 days ago
  • Fix available
  • Severity - 9.4 (Critical)
MAL-2026-605
  • npm/dhgshop
 Malicious code in dhgshop (npm) 3 days ago
  • No fix available
GHSA-2cp6-34r9-54xx
  • npm/makerjs
 Maker.js has Unsafe Property Copying in makerjs.extendObject 3 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-83fc-fqcc-2hmg
  • npm/react-server-dom-parcel
  • npm/react-server-dom-turbopack
  • npm/react-server-dom-webpack
 React Server Components have multiple Denial of Service Vulnerabilities 3 days ago
  • Fix available
  • Severity - 7.5 (High)
Load more...