Package impact
npm / signalk-server
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41893 | high | 7.5 | 7.5 | 26d ago | Signal K Server's WebSocket Login Endpoint Lacks Rate Limiting (Credential Brute-Force) | |||
| CVE-2026-35038 | medium | 6.5 | 6.5 | 2mo ago | Signal K Server: Arbitrary Prototype Read via `from` Field Bypass |