VYPR

npm package

outray

pkg:npm/outray

Vulnerabilities (2)

  • CVE-2026-22819Jan 14, 2026
    affected < 0.1.5fixed 0.1.5

    Outray openSource ngrok alternative. Prior to 0.1.5, this vulnerability allows a user i.e a free plan user to get more than the desired subdomains due to lack of db transaction lock mechanisms in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. This vulnerability is fix

  • CVE-2026-22820Jan 14, 2026
    affected < 0.1.5fixed 0.1.5

    Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. This vulnerability is fixed in 0.1.5.