pkg:npm/vega-expression

All known vulnerabilities

• HIGH8.1CVE-2025-59840Vega Cross-Site Scripting (XSS) via expressions abusing toString calls in environments using the VEGA_DEBUG global variable
  >= 6.0.0, < 6.1.0