Lodash-amd
This hub aggregates every CVE we track for Lodash-amd, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
2
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Lodash-amd.
- CVE-2026-4800lodash vulnerable to Code Injection via `_.template` imports key names8.1
- CVE-2026-2950lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`6.5
- CVE-2025-13465Prototype Pollution Vulnerability in Lodash _.unset and _.omit functions5.3
- CVE-2019-10744Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor p...9.1
- CVE-2019-1010266lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very lo...6.5
Product normalization is registry-driven with AI assist and human review. How it works