OsVault/npm/mercurius
npm

mercurius

4 known vulnerabilities · 0 critical · 1 high

CVE-2025-64166

Mercurius: Incorrect Content-Type parsing can lead to CSRF attack

Published Mar 5, 2026
CVE-2023-22477MEDIUM

mercurius has Uncaught Exception when using subscriptions

Published Jan 9, 2023
CVE-2026-30241

Mercurius's queryDepth limit bypassed for WebSocket subscriptions

Published Mar 6, 2026
CVE-2021-43801HIGH

Uncaught Exception in mercurius

Published Dec 13, 2021
Check your entire dependency tree at onceRun dependency scan →