uuid — CVE history (npm)

uuid

2 CVEs affect the uuid npm package (highest CVSS 7.5). Latest disclosed: 2026-04-24. Full CVE history sourced from NVD.

Summary

Package
uuid (npm)
Total CVEs
2
Actively exploited (CISA KEV)
0
Highest CVSS
7.5
Latest disclosed
2026-04-24

Recent CVEs (top 2)

CVESeverityCVSSKEVPublishedSummary
CVE-2026-41907High7.52026-04-24uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs.
CVE-2026-41988Low3.22026-04-23uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6.

All-time worst (top 2 by CVSS)

CVESeverityCVSSKEVPublishedSummary
CVE-2026-41907High7.52026-04-24uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs.
CVE-2026-41988Low3.22026-04-23uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6.