Vulnerability in Adonisjs Lucid
CVE-2026-22814
@adonisjs/lucid is an SQL ORM for AdonisJS built on top of Knex. Prior to 21.8.2 and 22.0.0-next.6, there is a Mass Assignment vulnerability in AdonisJS Lucid which may allow a remote attacker who can influence data that is passed into Luc…
Vulnerability class: Mass Assignment
EPSS: 0.005 (37.4th percentile) — read the EPSS interpretation.
Affected products
- Adonisjs Lucid — versions < 21.8.2, >= 22.0.0-next.0, < 22.0.0-next.6
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)