pkg:npm/@steipete/summarize

5 total CVEsHIGH2MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • HIGH7.4CVE-2026-45245Summarize's hover summary feature allows malicious pages to dispatch synthetic mouseover events over attacker-controlled links
    from 0, < 0.15.1
  • HIGH7.1CVE-2026-45242Summarize contains a path traversal vulnerability
    from 0, < 0.15.0
  • MEDIUM6.1CVE-2026-45243Summarize contains a missing authorization vulnerability
    from 0, < 0.15.0
  • MEDIUM6.1CVE-2026-45222@steipete/summarize allows local attackers to read bearer tokens and API credentials stored in ~/.summarize/daemon.json
    from 0, < 0.15.0
  • MEDIUM5.4CVE-2026-45244Summarize contains a missing authorization vulnerability
    from 0, < 0.15.0