Undici
by Npm
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9678 | mod | 0.38 | 5.9 | — | Jun 17, 2026 | undici: Undici: Information disclosure due to improper cache-control header parsing | ||
| CVE-2026-11525 | low | 0.24 | 3.7 | — | Jun 17, 2026 | undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header |
- risk 0.38cvss 5.9epss —
undici: Undici: Information disclosure due to improper cache-control header parsing
- risk 0.24cvss 3.7epss —
undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header