Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package diff, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (1)
CVE-2026-24001 — CVSS 7.5 (high): jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch…