pkg:npm/picomatch

All known vulnerabilities

• HIGH7.5CVE-2026-33671Picomatch has a ReDoS vulnerability via extglob quantifiers
  >= 4.0.0, < 4.0.4
• MEDIUM5.3CVE-2026-33672Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching
  >= 4.0.0, < 4.0.4