Skip to main content

Swiper

5 CVEs product

Monthly

CVE-2026-27212 npm HIGH POC PATCH This Week

Prototype pollution in Swiper versions 6.5.1 through 12.1.1 allows local authenticated attackers to manipulate Object.prototype through improperly validated user input, enabling authentication bypass, denial of service, and remote code execution. Public exploit code exists for this vulnerability, which affects applications on Linux and Windows using Node.js or Bun runtimes. A patch is available and should be applied immediately to affected systems processing untrusted input.

Linux Denial Of Service Authentication Bypass Swiper
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-39853 MEDIUM POC This Month

adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution RCE Denial Of Service Swiper
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-39000 MEDIUM This Month

adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function parse. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Prototype Pollution RCE Denial Of Service Swiper
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-38997 npm MEDIUM POC This Month

adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution RCE Denial Of Service Swiper
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-23370 npm CRITICAL POC PATCH Act Now

This affects the package swiper before 6.5.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Swiper
NVD GitHub
CVSS 3.1
9.8
EPSS
2.2%
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Prototype pollution in Swiper versions 6.5.1 through 12.1.1 allows local authenticated attackers to manipulate Object.prototype through improperly validated user input, enabling authentication bypass, denial of service, and remote code execution. Public exploit code exists for this vulnerability, which affects applications on Linux and Windows using Node.js or Bun runtimes. A patch is available and should be applied immediately to affected systems processing untrusted input.

Linux Denial Of Service Authentication Bypass +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution RCE Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function parse. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Prototype Pollution RCE Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution RCE Denial Of Service +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

This affects the package swiper before 6.5.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Swiper
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy