OsVault/npm/tmp
npm

tmp

9 known vulnerabilities · 0 critical · 1 high

CVE-2025-54798

tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter

Published Aug 6, 2025
CVE-2017-16024MEDIUM

Tmp files readable by other users in sync-exec

Published Nov 9, 2018
CVE-2021-3777HIGH

tmpl vulnerable to Inefficient Regular Expression Complexity which may lead to resource exhaustion

Published Sep 20, 2021
GHSA-xmv6-r34m-62p4

OpenClaw: Sandbox media fallback tmp symlink alias bypass allows host file reads outside sandboxRoot

Published Mar 3, 2026
MAL-2022-1438

Malicious code in babeltmplatp (npm)

Published Aug 19, 2022
CVE-2026-22171

OpenClaw vulnerable to path traversal in Feishu media temp-file naming allows writes outside os.tmpdir()

Published Mar 3, 2026
MAL-2022-5510

Malicious code in ptmproc (npm)

Published Jun 13, 2022
MAL-2022-60

Malicious code in @adam_baldwin/tag-tmp (npm)

Published Jun 1, 2022
MAL-2025-48005

Malicious code in tmp-npmsnha (npm)

Published Oct 7, 2025
Check your entire dependency tree at onceRun dependency scan →