Jsonpath
This hub aggregates every CVE we track for Jsonpath, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
2
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL2MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Jsonpath.
- CVE-2026-1615Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module t...9.8
- CVE-2025-61140The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.9.8
- CVE-2023-51074json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.5.3
Product normalization is registry-driven with AI assist and human review. How it works