SecAlerts
CVE ListPricingSign Up
jonschlinkert logo

jonschlinkert

Security Risk Profile

27
/100
low

Security Risk Score

Comprehensive risk assessment based on 6 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from May 13, 2024 to present

6
Total CVEs
4
Critical+High
0
Exploited
2
Unpatched

Threat Assessment

Avg CVSS
6.8
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
2
Critical/High
Risk Level
27/100
low

Severity Distribution

Critical
0
High
4
Medium
2
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
5

Age Distribution

Common Weaknesses (CWE)

1
Input Validation
2
2
Infoleak
1

Most Affected Products

1. npm/picomatch6
2. Jonschlinkert Picomatch Node.js6
3. Microsoft azl3 nodejs24 24.14.1-12
4. toggle-array toggle-array1
5. npm/toggle-array1

Recent Vulnerabilities

See more →
CVE-2026-33672
CVSS 5.3EPSS 0%medium

Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching

3/25/2026
CVE-2026-33671
CVSS 7.5EPSS 0%high

Picomatch has a ReDoS vulnerability via extglob quantifiers

3/25/2026
CVE-2025-57328
CVSS 7.5high
9/24/2025🔧 No Patch
CVE-2025-25975
CVSS 7.5EPSS 0%high
3/12/2025🔧 No Patch
CVE-2024-4068
CVSS 7.5EPSS 0%high

Memory Exhaustion in braces

5/13/2024
CVE-2024-4067
CVSS 5.3EPSS 0%medium

Regular Expression Denial of Service in micromatch

5/13/2024

Monitor jonschlinkert in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.