pkg:npm/@cubejs-backend/server-core

2 total CVEsHIGH1MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • HIGH7.7CVE-2026-25958Cube Core is vulnerable to privilege escalation via a specially crafted request
    >= 0.27.19, < 1.0.14
  • MEDIUM6.5CVE-2026-25957Cube Core is vulnerable to Denial of Service (DoS) via crafted request
    >= 1.1.17, < 1.4.2
npm/@cubejs-backend/server-core — 2 CVEs · VulnScope