Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/05/17 12:16 a.m.6 views

DEBIAN-CVE-2026-8723

Summary qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. The throw is synchronous and not handled by any of qs's null-related options skipNulls, strictNullHandling. Details In the comma + encodeValuesOnly...

6.3CVSS5.9AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/17 12:0 a.m.8 views

qs 代码问题漏洞

QS is a JavaScript library developed by Jordan Harband. Versions of QS from 6.11.1 to 6.15.2 had code vulnerabilities. This vulnerability occurred when calling qs.stringify on an array containing null or undefined, with arrayFormat set to comma and encodeValuesOnly set to true. This resulted in a...

6.3CVSS5.9AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/02/12 12:0 a.m.6 views

qs 安全漏洞

QS is a JavaScript library developed by Jordan Harband. QS has a security vulnerability, which stems from the arrayLimit option not enforcing restrictions on comma-separated values when the comma option is enabled. This could lead to a memory-exploiting denial-of-service attack...

7.5CVSS7.1AI score0.00478EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/02/05 12:0 a.m.3 views

dot-querystring 安全漏洞

dot-querystring is a dot notation library for node query strings by the individual developer Naoya Tsutsumi. A security vulnerability exists in dot-querystring version v0.2.0, which stems from the lib.parse function containing a prototype contamination vulnerability...

7.5CVSS6.8AI score0.00409EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/01/01 12:0 a.m.4 views

PT-2025-53805

Name of the Vulnerable Software and Affected Versions qs versions prior to 6.14.1 Description A flaw exists in the qs parse modules library where the arrayLimit option does not properly enforce limits when using bracket notation in query strings, leading to a potential HTTP Denial of Service DoS...

7.8CVSS6.8AI score0.0041EPSS
Exploits1References43
vulnersOsv
vulnersOsvadded 2022/11/27 12:30 a.m.4 views

01-numacert (>=1.0.0 <=3.0.0), 10by10-react-app (=1.2.1) +3839 more potentially affected by CVE-2022-24999 via qs (>=6.5.0 <=6.5.2)

qs NPM version =6.5.0, =1.0.0, =0.2.0, =0.1.0, =1.0.0, =1.0.3, =0.0.1-bate.30, =0.0.1, =0.0.1, =1.0.0, =12.1.0, =6.0.0, =7.12.0 and more Source cves: CVE-2022-24999 Source advisory: OSV:GHSA-HRPP-H998-J3PP...

7.5CVSS7.3AI score0.14663EPSS
Exploits2
vulnersOsv
vulnersOsvadded 2020/04/30 5:16 p.m.5 views

@appirio/salesforce (>=0.5.9 <=2.0.1), @artemis-prime/facebook-messenger-bot (=1.0.1) +205 more potentially affected by CVE-2017-1000048 via qs (>=6.1.0 <=6.1.1)

qs NPM version =6.1.0, =0.5.9, =1.1.25, =1.0.88, =1.1.7, =1.3.20, =16.1.4, =0.0.1, =2.0.1, =1.0.0, =1.0.6 - @mshksdk/design =0.0.2 and more Source cves: CVE-2017-1000048 Source advisory: OSV:GHSA-GQGV-6JQ5-JJJ9...

7.5CVSS6.7AI score0.02395EPSS
Exploits0
Rows per page
Query Builder