Orval-labs Orval
4 CVEs affecting Orval-labs Orval. Latest disclosed: 2026-01-30. Critical: 4, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25141 | Critical | 9.8 | 2026-01-30 | Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Versions starting with 7.19.0 and prior to 7.21.0 and… |
CVE-2026-24132 | Critical | 9.8 | 2026-01-23 | Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Versions 7.19.0 and below and 8.0.0-rc.0 through 8.0… |
CVE-2026-23947 | Critical | 9.8 | 2026-01-20 | Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to… |
CVE-2026-22785 | Critical | 9.8 | 2026-01-12 | orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Prior to 7.18.0, the MCP server generation logic relie… |