pkg:npm/@fedify/fedify

6 total CVEsHIGH4MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2026-34148Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution
    from 0, < 1.9.6
  • HIGH7.5CVE-2025-68475Fedify has ReDoS Vulnerability in HTML Parsing Regex
    from 0, < 1.6.13
  • HIGH7.2CVE-2024-39687Server Side Request Forgery (SSRF) attack in Fedify
    from 0, < 0.9.2
  • HIGH7.0CVE-2026-42462Fedify has an LD-Signature Bypass via JSON-LD Named-Graph Restructuring
    from 0, < 2.2.3
  • MEDIUM5.4CVE-2025-23221Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify
    >= 1.0.13, < 1.0.14
  • CVE-2025-54888@fedify/fedify has Improper Authentication and Incorrect Authorization
    from 0, < 1.3.20