VIR Vulnerability Intelligence Relay

Package impact

npm npm / @saltcorn/server

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-41478 critical 9.9 9.9 1mo ago Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId) npm
CVE-2026-42259 medium 5.5 21d ago Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass) npm