VYPR

npm package

express-rate-limit

pkg:npm/express-rate-limit

Vulnerabilities (1)

  • CVE-2026-30827Mar 7, 2026
    affected >= 8.2.0, < 8.2.2fixed 8.2.2

    express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking (/56 by default) to all addresses that net.isIPv6()