VYPR

npm package

@fastify/accepts-serializer

pkg:npm/%40fastify/accepts-serializer

Vulnerabilities (1)

  • CVE-2026-7768HigMay 4, 2026
    affected < 6.0.4fixed 6.0.4

    @fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client could send many distinct but matching Accept header variants to make the cache grow unbounded, eventually ex