OsVault/npm/koa
npm

koa

12 known vulnerabilities · 0 critical · 0 high

CVE-2026-27959

Koa has Host Header Injection via ctx.hostname

Published Feb 26, 2026
CVE-2025-62595

Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic

Published Oct 21, 2025
CVE-2025-25200

Inefficient Regular Expression Complexity in koa

Published Feb 12, 2025
CVE-2021-23384MEDIUM

Open Redirect in koa-remove-trailing-slashes

Published Feb 10, 2022
MAL-2022-4209

Malicious code in koacompocse (npm)

Published Aug 19, 2022
MAL-2022-1867

Malicious code in cfltupdwygjikoam (npm)

Published Jul 11, 2022
CVE-2020-8176MEDIUM

Cross-site scripting in @shopify/koa-shopify-auth

Published May 17, 2021
MAL-2026-2838

Malicious code in koa-v3 (npm)

Published Apr 17, 2026
MAL-2022-4210

Malicious code in koaylogge (npm)

Published Aug 19, 2022
MAL-2022-4207

Malicious code in koa-colorful-logger (npm)

Published Aug 16, 2022
MAL-2022-4208

Malicious code in koabodparser (npm)

Published Aug 19, 2022
MAL-2022-6102

Malicious code in shopify-koa-app (npm)

Published Jun 20, 2022
Check your entire dependency tree at onceRun dependency scan →