VIR Vulnerability Intelligence Relay

Package impact

npm npm / @evomap/evolver

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-42075 high 8.1 8.1 24d ago Evolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File Write npm
CVE-2026-42077 medium 5.2 5.2 24d ago Evolver has Prototype Pollution via `Object.assign()` in its mailbox store operations npm