VYPR

Payload Puck

by Delmaredigital

Source repositories

CVEs (1)

  • CVE-2026-39397CriApr 7, 2026
    risk 0.54cvss 9.4epss 0.00

    @delmaredigital/payload-puck is a PayloadCMS plugin for integrating Puck visual page builder. Prior to 0.6.23, all /api/puck/* CRUD endpoint handlers registered by createPuckPlugin() called Payload's local API with the default overrideAccess: true, bypassing all collection-level…

VYPR — Vulnerability Intelligence