pkg:npm/jsonpath
2 total CVEsCRITICAL1
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2026-1615jsonpath has Arbitrary Code Injection via Unsafe Evaluation of JSON Path Expressionsfrom 0, < 1.3.0
- —CVE-2025-61140JSONPath vulnerable to Prototype Pollution due to insufficient input validation of object keys in lib/index.jsfrom 0, < 1.2.0