OsVault/npm/@payloadcms/graphql
npm1 critical

@payloadcms/graphql

3 known vulnerabilities · 1 critical · 0 high

CVE-2025-4644

Payload's SQLite adapter Session Fixation vulnerability

Published Aug 29, 2025
CVE-2025-4643

Payload does not invalidate JWTs after log out

Published Aug 29, 2025
CVE-2026-34751CRITICAL
Risk: 45.51/100

Payload: Pre-Authentication Account Takeover via Parameter Injection in Password Recovery

Published Apr 1, 2026
Check your entire dependency tree at onceRun dependency scan →