Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
Loading…
npm/lodash-es — 8 CVEs · VulnScope
pkg:npm/
lodash-es
8 total CVEs
CRITICAL
1
HIGH
3
MEDIUM
4
✅ Check your installed version
Check
All known vulnerabilities
CRITICAL
9.1
CVE-2019-10744
Prototype Pollution in lodash
from 0, < 4.17.14
HIGH
8.1
CVE-2026-4800
lodash vulnerable to Code Injection via `_.template` imports key names
>= 4.0.0, < 4.18.0
HIGH
7.4
CVE-2020-8203
Prototype Pollution in lodash
>= 3.7.0, < 4.17.20
HIGH
7.2
Command Injection in lodash
from 0, < 4.17.21
MEDIUM
6.5
lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`
from 0, < 4.18.0
MEDIUM
6.5
Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions
>= 4.0.0, < 4.17.23
MEDIUM
6.5
Regular Expression Denial of Service (ReDoS) in lodash
>= 4.7.0, < 4.17.11
MEDIUM
5.3
Regular Expression Denial of Service (ReDoS) in lodash
>= 4.0.0, < 4.17.21
CVE-2021-23337
CVE-2026-2950
CVE-2025-13465
CVE-2019-1010266
CVE-2020-28500