VYPR

npm package

@striae-org/striae

pkg:npm/%40striae-org/striae

Vulnerabilities (1)

  • CVE-2026-31839Mar 11, 2026
    affected >= 0.9.22-0, < 3.0.0fixed 3.0.0

    Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing