pkg:npm/@fedify/fedify
6 total CVEsHIGH4MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH7.5CVE-2026-34148Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution from 0, < 1.9.6
HIGH7.5CVE-2025-68475Fedify has ReDoS Vulnerability in HTML Parsing Regex from 0, < 1.6.13
HIGH7.2CVE-2024-39687Server Side Request Forgery (SSRF) attack in Fedify from 0, < 0.9.2
HIGH7.0Fedify has an LD-Signature Bypass via JSON-LD Named-Graph Restructuring
from 0, < 2.2.3
MEDIUM5.4Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify
>= 1.0.13, < 1.0.14
—@fedify/fedify has Improper Authentication and Incorrect Authorization
from 0, < 1.3.20