OsVault/npm/lodash-es
npm1 critical

lodash-es

8 known vulnerabilities · 1 critical · 3 high

CVE-2020-28500MEDIUM

Regular Expression Denial of Service (ReDoS) in lodash

Published Jan 6, 2022
CVE-2019-1010266MEDIUM

Regular Expression Denial of Service (ReDoS) in lodash

Published Jul 19, 2019
CVE-2019-10744CRITICAL

Prototype Pollution in lodash

Published Jul 10, 2019
CVE-2025-13465

Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions

Published Jan 21, 2026
CVE-2020-8203HIGH

Prototype Pollution in lodash

Published Jul 15, 2020
CVE-2026-4800HIGH
Risk: 40.53/100

lodash vulnerable to Code Injection via `_.template` imports key names

Published Apr 1, 2026
CVE-2021-23337HIGH

Command Injection in lodash

Published May 6, 2021
CVE-2026-2950MEDIUM
Risk: 32.52/100

lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

Published Apr 1, 2026
Check your entire dependency tree at onceRun dependency scan →