All disclosed vulnerabilities by Snyk

• • H
  Improper Validation of Specified Quantity in Input in exifreader (npm)

  Discovered by Yuki Matsuhashi
  18 May 2026
• • H
  Prototype Pollution in jsondiffpatch (npm)

  Discovered by Yuki Matsuhashi
  15 May 2026
• • M
  Cross-site Scripting (XSS) in jsondiffpatch (npm)

  Discovered by Yuki Matsuhashi
  15 May 2026
• • M
  Missing Authentication for Critical Function in django-mdeditor (pip)

  Discovered by Jeager Coder
  26 Apr 2026
• • C
  Remote Code Execution (RCE) in simple-git (npm)

  Discovered by Kuycheu Kung
  24 Apr 2026
• • C
  Improperly Controlled Modification of Dynamically-Determined Object Attributes in flowise (npm)

  Discovered by Berk Dedekargınoğlu
  21 Apr 2026
• • M
  Cross-site Scripting (XSS) in github.com/yuin/goldmark/renderer/html (golang)

  Discovered by Catalin Iovita (Snyk Security Research)
  14 Apr 2026
• • M
  Division by zero in jsrsasign (npm)

  Discovered by Kr0emer
  22 Mar 2026
• • H
  Incorrect Conversion between Numeric Types in jsrsasign (npm)

  Discovered by Kr0emer
  22 Mar 2026
• • C
  Missing Cryptographic Step in jsrsasign (npm)

  Discovered by Kr0emer
  22 Mar 2026