npm
serve-static
4 known vulnerabilities · 0 critical · 0 high
CVE-2024-43800MEDIUM
serve-static vulnerable to template injection that can lead to XSS
Published Sep 10, 2024
MAL-2025-141
Malicious code in serve-static-corell (npm)
Published Jan 19, 2025
GHSA-wwfh-h76j-fc44
hono: Path traversal in `serve-static` on Windows via encoded backslash (`%5C`)
Published Jun 16, 2026
Check your entire dependency tree at onceRun dependency scan →