pkg:npm/tmp
3 total CVEsHIGH1LOW1
✅ Check your installed version
All known vulnerabilities
HIGH8.2CVE-2026-49982tmp: Type-confusion bypass of _assertPath allows path traversal via non-string prefix/postfix/template >= 0.2.6, < 0.2.7
LOW2.5CVE-2025-54798tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter from 0, < 0.2.4
—CVE-2026-44705tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape from 0, < 0.2.6