8 Total advisories
8 Vulnerabilities
0 Malware
Vulnerabilities
HIGH 7.5
CVE-2026-42570
Svelte devalue: DoS via sparse array deserialization
UNKNOWN
GHSA-mwv9-gp5h-frr4
Sveltejs devalue's `devalue.parse` and `devalue.unflatten` emit objects with `__proto__` own properties
UNKNOWN
CVE-2026-30226
devalue has prototype pollution in devalue.parse and devalue.unflatten
UNKNOWN
GHSA-8qm3-746x-r74r
devalue `uneval`ed code can create objects with polluted prototypes when `eval`ed
UNKNOWN
GHSA-33hq-fvwr-56pm
devalue affected by CPU and memory amplification from sparse arrays
HIGH 7.5
CVE-2026-22775
devalue vulnerable to denial of service due to memory/CPU exhaustion in devalue.parse
HIGH 7.5
CVE-2026-22774
Devalue is vulnerable to denial of service due to memory exhaustion in devalue.parse
UNKNOWN
CVE-2025-57820
devalue prototype pollution vulnerability
Ready to move
Start Securing
Free, no credit card | First findings in minutes