npm
@vendure/core
2 known vulnerabilities · 0 critical · 0 high
GHSA-9pp3-53p2-ww9v
@vendure/core has a SQL Injection vulnerability
Published Apr 14, 2026
Vendure vulnerable to timing attack that enables user enumeration in NativeAuthenticationStrategy
Published Jan 30, 2026
Check your entire dependency tree at onceRun dependency scan →