Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package minimist, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2020-7598 — CVSS 5.6 (medium): minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.