Package impact
npm / rwsdk
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-39371 | high | 8.1 | 8.1 | 2mo ago | RedwoodSDK has a CSRF vulnerability in server function dispatch via GET requests | |||
| CVE-2026-42190 | medium | 5.3 | 5.3 | 21d ago | RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions |