pkg:npm/turbo

2 total CVEsCRITICAL1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2026-45772Turbo: Unexpected local code execution during Yarn Berry detection
    >= 1.1.0, < 2.9.14
  • CVE-2026-45773Trubo: Login callback CSRF/session fixation
    from 0, < 2.9.14
npm/turbo — 2 CVEs · VulnScope