debug — CVE history (npm)
debug
2 CVEs affect the debug npm package (highest CVSS 3.5). Latest disclosed: 2025-09-15. Full CVE history sourced from NVD.
Summary
- Package
debug(npm)- Total CVEs
2- Actively exploited (CISA KEV)
- 0
- Highest CVSS
3.5- Latest disclosed
- 2025-09-15
Recent CVEs (top 2)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2025-59144 | — | — | — | 2025-09-15 | debug is a JavaScript debugging utility. |
CVE-2017-20165 | Low | 3.5 | — | 2023-01-09 | A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. |
All-time worst (top 1 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2017-20165 | Low | 3.5 | — | 2023-01-09 | A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. |