pkg:npm/@sync-in/server
3 total CVEsHIGH1
✅ Check your installed version
All known vulnerabilities
HIGH7.7CVE-2026-47684Sync-in Server: SSRF protection bypass via IPv4-mapped IPv6 addresses in regExpPrivateIP from 0, < 2.3.0
—CVE-2026-41161Sync-in Server has Username Enumeration via Timing Attack from 0, < 2.2.0
—CVE-2025-67438Sync-in Server has a stored cross-site scripting (XSS) vulnerability from 0, < 1.9.3