Package impact
npm / @haxtheweb/open-apis
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46391 | high | — | 8.0 | 10d ago | HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis | |||
| CVE-2025-48996 | unknown | — | — | 1y ago | Unauthenticated Disclosure of PSU HAX CMS Site Listings via haxPsuUsage API Endpoint |