pkg:npm/@clerk/express

3 total CVEsHIGH2

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2025-53548@clerk/backend Performs Insufficient Verification of Data Authenticity
    >= 1.6.0, < 1.7.4
  • HIGH7.4CVE-2026-34076Clerk: SSRF in the opt-in clerkFrontendApiProxy feature may leak secret keys to unintended host
    >= 2.0.0, < 2.0.7
  • CVE-2026-42349Clerk has an authorization bypass when combining organization, billing, or reverification checks
    >= 0.1.0, < 1.7.79