OsVault/npm/validator

npm1 critical

validator

82 known vulnerabilities · 1 critical · 2 high

CVE-2025-12758

Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements

Published Nov 27, 2025

CVE-2025-56200

validator.js has a URL validation bypass vulnerability in its isURL function

Published Sep 30, 2025

CVE-2013-7454MEDIUM

Multiple XSS Filter Bypasses in validator

Published Oct 24, 2017

CVE-2013-7453MEDIUM

Moderate severity vulnerability that affects validator

Published Oct 24, 2017

CVE-2013-7452MEDIUM

Moderate severity vulnerability that affects validator

Published Oct 24, 2017

CVE-2014-8882

Regular Expression Denial of Service in validator

Published Aug 31, 2020

CVE-2013-7451MEDIUM

Moderate severity vulnerability that affects validator

Published Oct 24, 2017

CVE-2014-9772MEDIUM

XSS Filter Bypass via Encoded URL in validator

Published Nov 6, 2018

CVE-2021-3765HIGH

Inefficient Regular Expression Complexity in validator.js

Published Nov 3, 2021

MAL-2026-1062

Malicious code in express-core-validator (npm)

Published Feb 27, 2026

CVE-2020-7779MEDIUM

Regular Expression Denial of Service in djvalidator

Published Feb 9, 2022

CVE-2020-26309

nope-validator Regular Expression Denial of Service vulnerability

Published Oct 26, 2024

MAL-2022-2879

Malicious code in etn_validator_list (npm)

Published Jun 20, 2022

MAL-2025-2296

Malicious code in array-empty-validator (npm)

Published Mar 12, 2025

MAL-2023-8106

Malicious code in paypal-validators (npm)

Published Sep 15, 2023

MAL-2023-8295

Malicious code in f0-validator (npm)

Published Oct 5, 2023

MAL-2023-779

Malicious code in skip-validator (npm)

Published Jan 30, 2023

MAL-2024-9250

Malicious code in request-ip-validator (npm)

Published Oct 11, 2024

CVE-2020-7767MEDIUM

Regular expression deinal of service in express-validators

Published May 10, 2021

CVE-2019-18413LOW

SQL Injection and Cross-site Scripting in class-validator

Published Oct 12, 2021

MAL-2024-8782

Malicious code in litecoin-address-validator (npm)

Published Sep 4, 2024

MAL-2025-41604

Malicious code in sha256-validator-pro (npm)

Published Aug 28, 2025

MAL-2025-5193

Malicious code in envs-validator (npm)

Published Jun 20, 2025

MAL-2025-2747

Malicious code in chai-validator (npm)

Published Mar 28, 2025

MAL-2025-4588

Malicious code in pancake_uniswap_validators_utils_snipe (npm)

Published May 29, 2025

MAL-2025-3908

Malicious code in node-crypto-validator (npm)

Published May 16, 2025

MAL-2026-2221

Malicious code in @validator-lut-sdk/v3 (npm)

Published Mar 26, 2026

MAL-2026-2224

Malicious code in jito-validator-sdk (npm)

Published Mar 26, 2026

MAL-2022-6150

Malicious code in skip-reason-validator (npm)

Published Jun 20, 2022

MAL-2025-4437

Malicious code in hibernate-validator (npm)

Published May 26, 2025

CVE-2025-12816

node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization

Published Nov 26, 2025

MAL-2022-2857

Malicious code in esyncvalidator (npm)

Published Aug 19, 2022

MAL-2025-2297

Malicious code in auth-validator (npm)

Published Mar 12, 2025

MAL-2026-2225

Malicious code in neanderthal-validator (npm)

Published Mar 26, 2026

MAL-2025-191466

Malicious code in rpc-validator (npm)

Published Nov 25, 2025

MAL-2025-3119

Malicious code in skills-validator (npm)

Published Apr 3, 2025

MAL-2025-3551

Malicious code in express-validator-plugin (npm)

Published Apr 30, 2025

MAL-2026-2798

Malicious code in request-easy-validator (npm)

Published Apr 16, 2026

MAL-2025-211

Malicious code in nimiq-validators-trustscore (npm)

Published Jan 20, 2025

MAL-2025-4051

Malicious code in evm-validator (npm)

Published May 20, 2025

MAL-2024-9413

Malicious code in nimiq-validators-score (npm)

Published Oct 17, 2024

MAL-2025-9328

Malicious code in @siteaudit/amp-validator-api (npm)

Published Aug 14, 2025

MAL-2026-1046

Malicious code in jest-param-validator (npm)

Published Feb 26, 2026

MAL-2026-2395

Malicious code in uuidvalidatorarabis (npm)

Published Mar 24, 2026

MAL-2026-3162

Malicious code in apple-pki-cert-validator (npm)

Published Apr 29, 2026

MAL-2025-3207

Malicious code in empty-validator-plugin (npm)

Published Apr 11, 2025

MAL-2022-6339

Malicious code in stylelint-bem-validator (npm)

Published Jun 20, 2022

MAL-2025-2307

Malicious code in empty-array-validator (npm)

Published Mar 12, 2025

MAL-2023-748

Malicious code in rocketship-validator (npm)

Published Apr 20, 2023

MAL-2025-2317

Malicious code in is-buffer-validator (npm)

Published Mar 12, 2025

MAL-2025-2308

Malicious code in empty-validator (npm)

Published Mar 12, 2025

MAL-2026-2129

Malicious code in express-session-validator (npm)

Published Mar 24, 2026

MAL-2026-2227

Malicious code in validator-lut-sdk (npm)

Published Mar 26, 2026

MAL-2026-2300

Malicious code in eslint-validator (npm)

Published Mar 30, 2026

MAL-2023-8087

Malicious code in web3tool-validator (npm)

Published Sep 11, 2023

MAL-2025-4012

Malicious code in node-validator-ts (npm)

Published May 19, 2025

MAL-2022-5487

Malicious code in prop-validators (npm)

Published Jun 20, 2022

MAL-2025-47175

Malicious code in basic-validator-pro (npm)

Published Sep 15, 2025

MAL-2022-5205

Malicious code in pancake_uniswap_validators_utils (npm)

Published Jun 20, 2022

MAL-2024-10761

Malicious code in module-json-validator (npm)

Published Nov 14, 2024

MAL-2024-8744

Malicious code in bitcoin-address-validator (npm)

Published Sep 4, 2024

MAL-2024-8758

Malicious code in dogecoin-address-validator (npm)

Published Sep 4, 2024

MAL-2025-190498

Malicious code in validator-node (npm)

Published Nov 14, 2025

MAL-2024-11986

Malicious code in github-webhook-ip-validator (npm)

Published Dec 19, 2024

MAL-2025-3917

Malicious code in solana-crypto-validator (npm)

Published May 16, 2025

MAL-2024-1568

Malicious code in apl-validator (npm)

Published Jun 11, 2024

MAL-2025-6199

Malicious code in sha256-validator-pack (npm)

Published Jul 22, 2025

MAL-2025-3567

Malicious code in array-length-validator (npm)

Published May 1, 2025

MAL-2026-2382

Malicious code in osc-datagrid-validator (npm)

Published Mar 24, 2026

CVE-2026-34573HIGH

Risk: 37.52/100

parse-server has GraphQL complexity validator exponential fragment traversal DoS

Published Mar 31, 2026

CVE-2019-19507MEDIUM

Validation bypass is possible in Json Pattern Validator

Published Dec 4, 2019

CVE-2026-34532CRITICAL

Risk: 45.51/100

parse-server has cloud function validator bypass via prototype chain traversal

Published Mar 31, 2026

MAL-2025-47537

Malicious code in @sev-ui-verse/form-validators (npm)

Published Sep 25, 2025

MAL-2026-1463

Malicious code in polymarket-validator (npm)

Published Mar 16, 2026

MAL-2025-47885

Malicious code in helper-validator-identifier (npm)

Published Oct 2, 2025

MAL-2025-47916

Malicious code in @hash-validator/v2 (npm)

Published Oct 7, 2025

MAL-2025-47917

Malicious code in @hex-validator/v2 (npm)

Published Oct 7, 2025

MAL-2026-1731

Malicious code in express-http-validator (npm)

Published Mar 18, 2026

MAL-2025-5944

Malicious code in okta-template-validator (npm)

Published Jul 15, 2025

MAL-2025-2336

Malicious code in yoojae-validator (npm)

Published Mar 12, 2025

MAL-2025-191149

Malicious code in victoria-wallet-validator (npm)

Published Nov 24, 2025

MAL-2026-2526

Malicious code in request-js-validator (npm)

Published Apr 6, 2026

Check your entire dependency tree at onceRun dependency scan →