VYPR

npm package

@adonisjs/lucid

pkg:npm/%40adonisjs/lucid

Vulnerabilities (1)

  • CVE-2026-22814HigJan 13, 2026
    affected < 21.8.2fixed 21.8.2

    @adonisjs/lucid is an SQL ORM for AdonisJS built on top of Knex. Prior to 21.8.2 and 22.0.0-next.6, there is a Mass Assignment vulnerability in AdonisJS Lucid which may allow a remote attacker who can influence data that is passed into Lucid model assignments to overwrite the int