VYPR

npm package

@orpc/client

pkg:npm/%40orpc/client

Vulnerabilities (1)

  • CVE-2026-28794Mar 6, 2026
    affected < 1.13.6fixed 1.13.6

    oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of the @orpc/client package. The vulnerability allows unauthenticated, remote atta