VYPR

npm package

node-cube

pkg:npm/node-cube

Vulnerabilities (1)

  • CVE-2025-57348Sep 24, 2025
    affected <= 5.0.0-beta.19

    The node-cube package (prior to version 5.0.0) contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper valid