VYPR

Once

by TooTallNate

Source repositories

CVEs (1)

  • CVE-2026-3449LowMar 3, 2026
    risk 0.14cvss 3.3epss 0.00

    Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to…