0
CRITICAL
1
HIGH
0
MEDIUM
0
LOW
1
POC
0
KEV
Monthly
Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Buffer Overflow
Validator
NVD
GitHub
CVSS 4.0
7.7
EPSS
0.1%
CVE-2025-12758
EPSS 0%
CVSS 7.7
HIGH
POC
PATCH
This Week
Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Buffer Overflow
Validator
NVD
GitHub