OsVault/npm/fresh
npm

fresh

13 known vulnerabilities · 0 critical · 1 high

CVE-2017-16119HIGH

Regular Expression Denial of Service in fresh

Published Jul 24, 2018
GHSA-hvp3-26wx-g2w4

Strapi: Password Reset Does Not Revoke Existing Refresh Sessions

Published May 13, 2026
CVE-2022-31160MEDIUM

jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label

Published Jul 18, 2022
MAL-2025-4395

Malicious code in refreshrewards (npm)

Published May 23, 2025
MAL-2022-4554

Malicious code in meoconlonton-vhx-fresh (npm)

Published Jun 20, 2022
MAL-2022-1716

Malicious code in buffer-refresh (npm)

Published Jun 20, 2022
MAL-2026-4858

Malicious code in @service-user-notifications/set_refresh_interval (npm)

Published May 28, 2026
MAL-2025-142

Malicious code in next-refresh-token (npm)

Published Jan 19, 2025
MAL-2024-10302

Malicious code in freshchange (npm)

Published Oct 31, 2024
CVE-2026-28396

NocoDB's Refresh Tokens Not Revoked on Password Reset

Published Mar 2, 2026
MAL-2026-1485

Malicious code in react-refresh-update (npm)

Published Mar 16, 2026
GHSA-f74w-272x-mqcv

NocoDB: Refresh Token Cookie Set Without `secure` and `sameSite` Flags

Published May 21, 2026
GHSA-r989-7g3j-wjhw

NocoDB: Refresh Tokens Persist Through Password Recovery

Published Jun 17, 2026
Check your entire dependency tree at onceRun dependency scan →