Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
Loading…
npm/locutus — 8 CVEs · VulnScope
pkg:npm/
locutus
8 total CVEs
CRITICAL
3
HIGH
2
✅ Check your installed version
Check
All known vulnerabilities
CRITICAL
9.8
CVE-2026-32304
Locutus vulnerable to RCE via unsanitized input in create_function()
from 0, < 3.0.14
CRITICAL
9.8
CVE-2020-13619
OS Command Injection in Locutus
from 0, <= 2.0.11
CRITICAL
9.8
CVE-2020-7719
Prototype Pollution in locutus
from 0, < 2.0.12
HIGH
8.1
locutus call_user_func_array vulnerable to Remote Code Execution (RCE) due to Code Injection
from 0, < 3.0.0
HIGH
7.5
Uncontrolled Resource Consumption in locutus
from 0, < 2.0.15
—
Locutus Prototype Pollution due to incomplete fix for CVE-2026-25521
>= 2.0.39, < 3.0.25
—
Locutus has Prototype Pollution via __proto__ Key Injection in unserialize()
from 0, < 3.0.25
—
locutus is vulnerable to Prototype Pollution
>= 2.0.12, < 2.0.39
CVE-2026-29091
CVE-2021-23392
CVE-2026-33994
CVE-2026-33993
CVE-2026-25521