yarn

15 known vulnerabilities · 0 critical · 4 high

Missing Encryption of Sensitive Data in yarn

Published Jul 31, 2019

Path Traversal in Yarn

Published Feb 9, 2022

Yarn Improper link resolution before file access (Link Following)

Published Feb 14, 2020

Yarn untrusted search path vulnerability

Published Feb 4, 2024

TOCTOU Race Condition in Yarn

Published Feb 9, 2022

Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions

Published Sep 24, 2025

MAL-2022-7330

Malicious code in yarn-design-system-rc-tooltip (npm)

Published Jun 20, 2022

MAL-2022-7325

Malicious code in yarn-design-system-choicesjs-stencil (npm)

Published Jun 20, 2022

MAL-2022-7327

Malicious code in yarn-design-system-fonts (npm)

Published Jun 20, 2022

MAL-2022-7326

Malicious code in yarn-design-system-flatpickr (npm)

Published Jun 20, 2022

MAL-2022-7328

Malicious code in yarn-design-system-logos (npm)

Published Jun 8, 2022

MAL-2022-7329

Malicious code in yarn-design-system-rc-input-number (npm)

Published Jun 20, 2022

MAL-2022-2914

Malicious code in example-yarn-package (npm)

Published Sep 12, 2022

MAL-2025-6137

Malicious code in yarn-test-git-repo (npm)

Published Jul 19, 2025

MAL-2022-7331

Malicious code in yarn-design-system-react-select (npm)

Published Jun 20, 2022

Check your entire dependency tree at onceRun dependency scan →