VYPR

Valibot

by Open Circle

npm: valibot

Source repositories

CVEs (1)

  • CVE-2025-66020HigNov 26, 2025
    risk 0.42cvss 7.5epss 0.00

    Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJI_REGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. A short, maliciously crafted string (e.g., <100 characters) can cause the regex engine…