npm/lodash-amd — 5 CVEs

CRITICAL9.1CVE-2019-10744Prototype Pollution in lodash

from 0, < 4.17.13

HIGH8.1CVE-2026-4800lodash vulnerable to Code Injection via `_.template` imports key names

>= 4.0.0, < 4.18.0

MEDIUM6.5CVE-2026-2950lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

from 0, < 4.18.0

MEDIUM6.5Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions

>= 4.0.0, < 4.17.23

MEDIUM6.5Regular Expression Denial of Service (ReDoS) in lodash

>= 4.7.0, < 4.17.11

pkg:npm/lodash-amd