Package impact
npm / @sync-in/server
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41161 | medium | 5.3 | 5.3 | 28d ago | Sync-in Server has Username Enumeration via Timing Attack | |||
| CVE-2026-47684 | unknown | — | — | 4h ago | Sync-in Server: SSRF protection bypass via IPv4-mapped IPv6 addresses in regExpPrivateIP |