VYPR

npm package

sveltekit-superforms

pkg:npm/sveltekit-superforms

Vulnerabilities (1)

  • CVE-2025-62381HigOct 15, 2025
    affected < 2.27.4fixed 2.27.4

    sveltekit-superforms makes SvelteKit forms a pleasure to use. sveltekit-superforms v2.27.3 and prior are susceptible to a prototype pollution vulnerability within the parseFormData function of formData.js. An attacker can inject string and array properties into Object.prototype,