OsVault/npm/@clerk/clerk-js
npm

@clerk/clerk-js

2 known vulnerabilities · 0 critical · 0 high

CVE-2025-63700

Clerk-js vulnerable to bypass of OAuth authentication flow by manipulating request at OTP verification stage

Published Nov 20, 2025
GHSA-w24r-5266-9c3c

Clerk has an authorization bypass when combining organization, billing, or reverification checks

Published Apr 30, 2026
Check your entire dependency tree at onceRun dependency scan →