Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package ajv, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-15366 — CVSS 5.6 (medium): An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be…
CVE-2025-69873 — CVSS 2.9 (low): ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is…