npm1 critical
@frangoteam/fuxa
4 known vulnerabilities · 1 critical · 1 high
CVE-2023-33831CRITICAL
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA
Published Sep 18, 2023
FUXA has JWT Authentication Bypass via HTTP Referer header spoofing
Published Feb 24, 2026
GHSA-c8m8-3jcr-6rj5
FUXA has a hardcoded fallback JWT signing secret
Published Mar 7, 2026
Check your entire dependency tree at onceRun dependency scan →