GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Vega Expression Language `scale` expression function Cross Site Scripting
Moderate
CVE-2023-26486
was published
for
vega
(npm)
Mar 2, 2023
Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]
Moderate
CVE-2025-27793
was published
for
vega
(npm)
Mar 27, 2025
Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpeter
Moderate
CVE-2025-26619
was published
for
vega
(npm)
Mar 27, 2025
ProTip!
Advisories are also available from the
GraphQL API