pkg:npm/picomatch
2 total CVEsHIGH1MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH7.5CVE-2026-33671Picomatch has a ReDoS vulnerability via extglob quantifiers >= 4.0.0, < 4.0.4
MEDIUM5.3CVE-2026-33672Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching >= 4.0.0, < 4.0.4