VYPR

Ws

by Ws Project

CVEs (1)

  • CVE-2026-45736MedMay 15, 2026
    risk 0.22cvss 4.4epss 0.01

    ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1.