2 matches found
CVE-2025-54888
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass...
@fedify/botkit (>=0.3.0-dev.125 <=0.3.0-dev.131) potentially affected by CVE-2025-54888 via @fedify/fedify (=1.8.1-dev.1262)
@fedify/fedify NPM version =1.8.1-dev.1262 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.3.0-dev.125, =0.3.0-dev.131 Source cves: CVE-2025-54888 Source advisory: OSV:GHSA-6JCC-XGCR-Q3H4...