Every CVE whose affected-product data names Vega Project Vega, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-26296 — CVSS 8.7 (high): Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Vega in an npm…
CVE-2025-65110 — CVSS 8.1 (high): Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to…
CVE-2023-26486 — CVSS 6.5 (medium): Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale`…
CVE-2023-26487 — CVSS 6.5 (medium): Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.`lassoAppend'…
CVE-2025-26619 — CVSS 6.1 (medium): Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In `vega` 5.30.0…
CVE-2019-10806 — CVSS 4.3 (medium): vega-util prior to 1.13.1 allows manipulation of object prototype. The 'vega.mergeConfig' method within vega-util could be tricked into…