Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package ses, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2023-39532 — CVSS 9.8 (critical): SES is a JavaScript environment that allows safe execution of arbitrary programs in Compartments. In version 0.18.0 prior to 0.18.7, 0.17.0…
CVE-2025-32792: SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope…