Skip to main content

Zod

2 CVEs product

Monthly

CVE-2026-6991 LOW Monitor

SQL injection vulnerability in Zod CUID Data Type Handler affects versions up to 4.3.6, allowing authenticated remote attackers to manipulate input validation logic in the regex component and execute arbitrary SQL queries. The vulnerability has been publicly disclosed with proof-of-concept code available; the vendor was contacted early but provided no response, and no patch has been issued as of analysis time.

SQLi Zod
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2023-4316 npm HIGH POC PATCH This Week

Zod in versions 3.21.0 up to and including 3.22.3 allows an attacker to perform a denial of service while validating emails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Zod
NVD
CVSS 3.1
7.5
EPSS
0.8%
EPSS 0% CVSS 2.1
LOW Monitor

SQL injection vulnerability in Zod CUID Data Type Handler affects versions up to 4.3.6, allowing authenticated remote attackers to manipulate input validation logic in the regex component and execute arbitrary SQL queries. The vulnerability has been publicly disclosed with proof-of-concept code available; the vendor was contacted early but provided no response, and no patch has been issued as of analysis time.

SQLi Zod
NVD VulDB
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Zod in versions 3.21.0 up to and including 3.22.3 allows an attacker to perform a denial of service while validating emails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Zod
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy