We’ve disclosed 13  vulnerabilities 🎉

The Snyk security team helps disclose many vulnerabilities every month, in key packages across a variety of ecosystems. We work closely with open source package maintainers in order to ensure all vulnerabilities are responsibly and efficiently handled in a timely manner.
Our ever-growing list of sources include:

  • Vulnerability disclosures and reports sent to us from members of the community
  • Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
  • Partnerships with organizations and academic institutions
  • Research done internally by the Snyk Security Team
Report a new vulnerability

Featured disclosed vulnerabilities

Server-side Request Forgery (SSRF)


link-preview-js Open this link in a new tab

Discovered by Reworr

Session Fixation


passport Open this link in a new tab

Discovered by jaredhanson

Regular Expression Denial of Service (ReDoS)


scss-tokenizer Open this link in a new tab

Discovered by Paul Bastide

Recently disclosed vulnerabilities by Snyk

View all vulnerabilities disclosed by Snyk