VYPR

Defu

by Unjs

npm: defu

Source repositories

CVEs (1)

  • CVE-2026-35209HigApr 6, 2026
    risk 0.42cvss 7.5epss 0.00

    defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input (e.g. parsed JSON request bodies, database records, or config files from untrusted sources) as the first argument to `defu()` are…