VYPR

npm package

vulnogram

pkg:npm/vulnogram

Vulnerabilities (1)

  • CVE-2026-32774Mar 14, 2026
    affected <= 1.0.0

    Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through comments to execute arbitrary JavaScript in victims' browsers.