8 Total advisories
8 Vulnerabilities
0 Malware
Vulnerabilities
MEDIUM 5.3
CVE-2026-8723
qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set
LOW 3.7
CVE-2026-2391
qs's arrayLimit bypass in comma parsing allows denial of service
LOW 3.7
CVE-2025-15284
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion
HIGH 7.5
CVE-2022-24999
qs vulnerable to Prototype Pollution
HIGH 7.5
CVE-2017-1000048
Prototype Pollution Protection Bypass in qs
UNKNOWN
CVE-2014-7191
Denial-of-Service Memory Exhaustion in qs
UNKNOWN
CVE-2014-10064
Denial-of-Service Extended Event Loop Blocking in qs
UNKNOWN
GHSA-crvj-3gj9-gm2p
High severity vulnerability that affects qs
Ready to move
Start Securing
Free, no credit card | First findings in minutes