All disclosed vulnerabilities by Snyk

• • L
  Cross-site Scripting (XSS) in jsondiffpatch (npm)

  Discovered by zendive
  3 Sept 2025
• • H
  Prototype Pollution in @nyariv/sandboxjs (npm)

  Discovered by Erwin Chan
  4 Aug 2025
• • C
  SQL Injection in z-push/z-push-dev (composer)

  Discovered by XBOW
  28 Jul 2025
• • H
  Server-Side Request Forgery (SSRF) in ssrfcheck (npm)

  Discovered by Liran Tal
  27 Jul 2025
• • H
  Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in bun (npm)

  Discovered by Liran Tal
  22 Jul 2025
• • H
  Directory Traversal in files-bucket-server (npm)

  Discovered by Liran Tal
  22 Jul 2025
• • H
  Server-Side Request Forgery (SSRF) in private-ip (npm)

  Discovered by Liran Tal
  22 Jul 2025
• • M
  Cross-site Scripting (XSS) in angularjs (nuget)

  Discovered by Michael Prentice
  17 Jul 2025
• • H
  Regular Expression Denial of Service (ReDoS) in angularjs (nuget)

  Discovered by George Kalpakas
  17 Jul 2025
• • M
  Regular Expression Denial of Service (ReDoS) in angularjs (nuget)

  Discovered by Michael Prentice, George Kalpakas
  17 Jul 2025