pkg:npm/@grpc/grpc-js

All known vulnerabilities

• HIGH7.5CVE-2026-48068@grpc/grpc-js: A malformed request can cause a server crash
  from 0, < 1.9.16
• HIGH7.5CVE-2026-48069@grpc/grpc-js: An incoming malformed compressed message can cause a client or server crash
  from 0, < 1.9.16
• HIGH7.5CVE-2020-7768Prototype pollution in grpc and @grpc/grpc-js
  from 0, < 1.1.8
• MEDIUM5.3@grpc/grpc-js can allocate memory for incoming messages well above configured limits
  >= 1.10.0, < 1.10.9