[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-13465":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":93,"aliases":94,"duplicate_of":9,"upstream":96,"downstream":97,"duplicates":200,"related":201,"reserved_at":9,"published_at":240,"modified_at":241,"state":242,"summary":243,"references_raw":252,"kevs":279,"epss":280,"epss_history":283,"metrics":556,"affected":575},"CVE-2025-13465","Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1321","Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')","The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.","weakness","Incomplete","Variant",[19,67,89],{"id":20,"name":21,"techniques":22},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[23],{"id":24,"name":25,"tactics":26,"countermeasures":42},"T1574.010","Services File Permissions Weakness",[27,30,33,36,39],{"id":28,"name":29},"TA0110","Persistence",{"id":31,"name":32},"TA0111","Privilege Escalation",{"id":34,"name":35},"TA0030","Defense Evasion",{"id":37,"name":38},"TA0005","Stealth",{"id":40,"name":41},"TA0104","Execution",[43,48,52,57,62],{"id":44,"name":45,"tactic":46},"D3-SWI","Software Inventory",{"name":47},"Model",{"id":49,"name":50,"tactic":51},"D3-AVE","Asset Vulnerability Enumeration",{"name":47},{"id":53,"name":54,"tactic":55},"D3-SBV","Service Binary Verification",{"name":56},"Detect",{"id":58,"name":59,"tactic":60},"D3-SU","Software Update",{"name":61},"Harden",{"id":63,"name":64,"tactic":65},"D3-RS","Restore Software",{"name":66},"Restore",{"id":68,"name":69,"techniques":70},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[71],{"id":24,"name":25,"tactics":72,"countermeasures":78},[73,74,75,76,77],{"id":28,"name":29},{"id":31,"name":32},{"id":34,"name":35},{"id":37,"name":38},{"id":40,"name":41},[79,81,83,85,87],{"id":44,"name":45,"tactic":80},{"name":47},{"id":49,"name":50,"tactic":82},{"name":47},{"id":53,"name":54,"tactic":84},{"name":56},{"id":58,"name":59,"tactic":86},{"name":61},{"id":63,"name":64,"tactic":88},{"name":66},{"id":90,"name":91,"techniques":92},"CAPEC-77","Manipulating User-Controlled Variables",[],[],[95],"GHSA-xxjr-mmjv-4gpg",[],[98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198],{"_key":99},"SUSE-SU-2026:0397-1",{"_key":101},"SUSE-SU-2026:0396-1",{"_key":103},"OPENSUSE-SU-2026:20181-1",{"_key":105},"OPENSUSE-SU-2026:10155-1",{"_key":107},"OPENSUSE-SU-2026:20182-1",{"_key":109},"OPENSUSE-SU-2026:10154-1",{"_key":111},"SUSE-SU-2026:0379-1",{"_key":113},"SUSE-SU-2026:20236-1",{"_key":115},"SUSE-SU-2026:20237-1",{"_key":117},"SUSE-SU-2026:20336-1",{"_key":119},"SUSE-SU-2026:20337-1",{"_key":121},"SUSE-SU-2026:20338-1",{"_key":123},"SUSE-SU-2026:20454-1",{"_key":125},"SUSE-SU-2026:20494-1",{"_key":127},"SUSE-SU-2026:20538-1",{"_key":129},"SUSE-SU-2026:20540-1",{"_key":131},"SUSE-SU-2026:20576-1",{"_key":133},"SUSE-SU-2026:20580-1",{"_key":135},"SUSE-SU-2026:20650-1",{"_key":137},"SUSE-SU-2026:20653-1",{"_key":139},"SUSE-SU-2026:20688-1",{"_key":141},"SUSE-SU-2026:20695-1",{"_key":143},"OPENSUSE-SU-2026:10124-1",{"_key":145},"OPENSUSE-SU-2026:10147-1",{"_key":147},"OPENSUSE-SU-2026:10148-1",{"_key":149},"OPENSUSE-SU-2026:10149-1",{"_key":151},"OPENSUSE-SU-2026:10150-1",{"_key":153},"OPENSUSE-SU-2026:20177-1",{"_key":155},"OPENSUSE-SU-2026:20185-1",{"_key":157},"OPENSUSE-SU-2026:20244-1",{"_key":159},"OPENSUSE-SU-2026:20251-1",{"_key":161},"OPENSUSE-SU-2026:20336-1",{"_key":163},"SUSE-SU-2026:1013-1",{"_key":165},"SUSE-SU-2026:1008-1",{"_key":167},"SUSE-SU-2026:1524-1",{"_key":169},"DEBIAN-CVE-2025-13465",{"_key":171},"SUSE-SU-2026:20232-1",{"_key":173},"UBUNTU-CVE-2025-13465",{"_key":175},"RHSA-2026:18480",{"_key":177},"RHSA-2026:18868",{"_key":179},"RHSA-2026:2438",{"_key":181},"RHSA-2026:2452",{"_key":183},"RHSA-2026:2462",{"_key":185},"RHSA-2026:2465",{"_key":187},"RHSA-2026:2469",{"_key":189},"RHSA-2026:2484",{"_key":191},"RHSA-2026:2816",{"_key":193},"RHSA-2026:2817",{"_key":195},"RHSA-2026:2818",{"_key":197},"RHSA-2026:2819",{"_key":199},"RHSA-2026:3958",[],[202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238],{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":107},{"_key":109},{"_key":111},{"_key":113},{"_key":115},{"_key":117},{"_key":119},{"_key":121},{"_key":123},{"_key":125},{"_key":127},{"_key":129},{"_key":131},{"_key":133},{"_key":135},{"_key":137},{"_key":139},{"_key":141},{"_key":143},{"_key":145},{"_key":147},{"_key":149},{"_key":151},{"_key":153},{"_key":155},{"_key":157},{"_key":159},{"_key":161},{"_key":163},{"_key":165},{"_key":167},{"_key":171},{"_key":239},"CGA-4CHH-8C7H-PCPX","2026-01-21T19:05:28.846Z","2026-06-02T12:59:53.016Z","Modified",{"cisa_kev":244,"cisa_ransomware":244,"cisa_vendor":9,"epss_severity":245,"epss_score":246,"severity":247,"severity_score":248,"severity_version":249,"severity_source":250,"severity_vector":251,"severity_status":242},false,"low",0.00028,"medium",6.9,"v4.0","cve.org","CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P",[253,261,266,270,275],{"url":254,"sources":255,"tags":258},"https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",[250,256,257],"nvd","osv_npm",[259,260],"WEB","Vendor Advisory",{"url":262,"sources":263,"tags":264},"https://nvd.nist.gov/vuln/detail/CVE-2025-13465",[257],[265],"Advisory",{"url":267,"sources":268,"tags":269},"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81",[257],[259],{"url":271,"sources":272,"tags":273},"https://github.com/lodash/lodash",[257],[274],"PACKAGE",{"url":276,"sources":277,"tags":278},"https://cert-portal.siemens.com/productcert/html/ssa-253495.html",[250,256],[],[],{"date":281,"score":246,"percentile":282},"2026-06-05",0.08327,[284,288,291,294,297,300,304,307,310,313,316,319,322,325,328,331,334,337,340,343,346,349,352,355,358,361,364,367,371,374,377,380,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,431,434,436,439,442,445,448,451,454,457,460,463,466,469,472,475,478,481,484,487,491,494,497,500,503,506,509,512,515,518,521,524,527,530,533,536,539,542,545,548,551,554],{"date":285,"score":286,"percentile":287},"2026-01-22",0.00045,0.13784,{"date":289,"score":286,"percentile":290},"2026-01-23",0.13863,{"date":292,"score":286,"percentile":293},"2026-01-24",0.13908,{"date":295,"score":286,"percentile":296},"2026-01-25",0.13848,{"date":298,"score":286,"percentile":299},"2026-01-26",0.13774,{"date":301,"score":302,"percentile":303},"2026-01-27",0.0006,0.18701,{"date":305,"score":302,"percentile":306},"2026-01-28",0.18704,{"date":308,"score":302,"percentile":309},"2026-01-29",0.18674,{"date":311,"score":302,"percentile":312},"2026-01-30",0.18688,{"date":314,"score":302,"percentile":315},"2026-01-31",0.18696,{"date":317,"score":302,"percentile":318},"2026-02-01",0.18722,{"date":320,"score":302,"percentile":321},"2026-02-02",0.18669,{"date":323,"score":302,"percentile":324},"2026-02-03",0.18646,{"date":326,"score":302,"percentile":327},"2026-02-04",0.18627,{"date":329,"score":302,"percentile":330},"2026-02-05",0.18657,{"date":332,"score":302,"percentile":333},"2026-02-06",0.18675,{"date":335,"score":302,"percentile":336},"2026-02-07",0.18686,{"date":338,"score":302,"percentile":339},"2026-02-08",0.1864,{"date":341,"score":302,"percentile":342},"2026-02-09",0.18594,{"date":344,"score":302,"percentile":345},"2026-02-10",0.18527,{"date":347,"score":302,"percentile":348},"2026-02-11",0.1853,{"date":350,"score":302,"percentile":351},"2026-02-12",0.1857,{"date":353,"score":302,"percentile":354},"2026-02-13",0.18572,{"date":356,"score":302,"percentile":357},"2026-02-14",0.18538,{"date":359,"score":302,"percentile":360},"2026-02-15",0.18519,{"date":362,"score":302,"percentile":363},"2026-02-16",0.18489,{"date":365,"score":302,"percentile":366},"2026-02-17",0.1847,{"date":368,"score":369,"percentile":370},"2026-02-18",0.00023,0.05956,{"date":372,"score":369,"percentile":373},"2026-02-19",0.06033,{"date":375,"score":369,"percentile":376},"2026-02-20",0.05997,{"date":378,"score":369,"percentile":379},"2026-02-21",0.0601,{"date":381,"score":382,"percentile":383},"2026-02-22",0.00025,0.0681,{"date":385,"score":382,"percentile":386},"2026-02-23",0.06818,{"date":388,"score":382,"percentile":389},"2026-02-24",0.06801,{"date":391,"score":382,"percentile":392},"2026-02-25",0.06732,{"date":394,"score":382,"percentile":395},"2026-02-26",0.06674,{"date":397,"score":382,"percentile":398},"2026-02-27",0.06696,{"date":400,"score":382,"percentile":401},"2026-02-28",0.06701,{"date":403,"score":382,"percentile":404},"2026-03-01",0.06755,{"date":406,"score":382,"percentile":407},"2026-03-02",0.06686,{"date":409,"score":382,"percentile":410},"2026-03-03",0.06693,{"date":412,"score":382,"percentile":413},"2026-03-04",0.06617,{"date":415,"score":382,"percentile":416},"2026-03-05",0.06641,{"date":418,"score":382,"percentile":419},"2026-03-06",0.06621,{"date":421,"score":382,"percentile":422},"2026-03-07",0.06626,{"date":424,"score":382,"percentile":425},"2026-03-08",0.06599,{"date":427,"score":382,"percentile":428},"2026-03-09",0.06564,{"date":430,"score":382,"percentile":428},"2026-03-10",{"date":432,"score":382,"percentile":433},"2026-03-11",0.06586,{"date":435,"score":382,"percentile":413},"2026-03-12",{"date":437,"score":382,"percentile":438},"2026-03-13",0.06635,{"date":440,"score":382,"percentile":441},"2026-03-14",0.06588,{"date":443,"score":382,"percentile":444},"2026-03-15",0.06576,{"date":446,"score":382,"percentile":447},"2026-03-16",0.0656,{"date":449,"score":382,"percentile":450},"2026-03-17",0.06547,{"date":452,"score":382,"percentile":453},"2026-03-18",0.0653,{"date":455,"score":382,"percentile":456},"2026-03-19",0.06554,{"date":458,"score":246,"percentile":459},"2026-03-20",0.07643,{"date":461,"score":246,"percentile":462},"2026-03-21",0.07863,{"date":464,"score":246,"percentile":465},"2026-03-22",0.07846,{"date":467,"score":246,"percentile":468},"2026-03-23",0.07825,{"date":470,"score":246,"percentile":471},"2026-03-24",0.07811,{"date":473,"score":246,"percentile":474},"2026-03-25",0.07892,{"date":476,"score":246,"percentile":477},"2026-03-26",0.0796,{"date":479,"score":246,"percentile":480},"2026-03-27",0.0795,{"date":482,"score":246,"percentile":483},"2026-03-28",0.07957,{"date":485,"score":246,"percentile":486},"2026-03-29",0.07933,{"date":488,"score":489,"percentile":490},"2026-03-30",0.00029,0.08358,{"date":492,"score":489,"percentile":493},"2026-03-31",0.08324,{"date":495,"score":489,"percentile":496},"2026-04-01",0.08311,{"date":498,"score":489,"percentile":499},"2026-04-02",0.08366,{"date":501,"score":489,"percentile":502},"2026-04-03",0.0839,{"date":504,"score":489,"percentile":505},"2026-04-04",0.08419,{"date":507,"score":489,"percentile":508},"2026-04-05",0.08405,{"date":510,"score":489,"percentile":511},"2026-04-06",0.0833,{"date":513,"score":489,"percentile":514},"2026-04-07",0.08341,{"date":516,"score":489,"percentile":517},"2026-04-08",0.08413,{"date":519,"score":489,"percentile":520},"2026-04-09",0.0843,{"date":522,"score":489,"percentile":523},"2026-04-10",0.08427,{"date":525,"score":489,"percentile":526},"2026-04-11",0.08421,{"date":528,"score":489,"percentile":529},"2026-04-12",0.08402,{"date":531,"score":489,"percentile":532},"2026-04-13",0.08387,{"date":534,"score":489,"percentile":535},"2026-04-14",0.08257,{"date":537,"score":489,"percentile":538},"2026-04-15",0.08276,{"date":540,"score":489,"percentile":541},"2026-04-16",0.08279,{"date":543,"score":489,"percentile":544},"2026-04-17",0.08265,{"date":546,"score":489,"percentile":547},"2026-04-18",0.0826,{"date":549,"score":489,"percentile":550},"2026-04-19",0.08244,{"date":552,"score":489,"percentile":553},"2026-04-20",0.08232,{"date":555,"score":489,"percentile":526},"2026-04-21",[557,560,568],{"source":250,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":558},{"baseScore":248,"baseSeverity":559,"vectorString":251,"impactScore":9,"exploitabilityScore":9},"MEDIUM",{"source":256,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":561,"cvss_v4_0":566},{"baseScore":562,"baseSeverity":559,"vectorString":563,"impactScore":564,"exploitabilityScore":565},5.3,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",2.3,10,{"baseScore":248,"baseSeverity":559,"vectorString":567,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",{"source":257,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":569,"cvss_v4_0":573},{"baseScore":570,"baseSeverity":9,"vectorString":571,"impactScore":572,"exploitabilityScore":565},6.5,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",4.2,{"baseScore":574,"baseSeverity":9,"vectorString":251,"impactScore":9,"exploitabilityScore":9},7.9,[576,587,591,600,604,611,614,617],{"ecosystem":9,"name":577,"vendor":578,"product":578,"cpe_part":579,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":580},"Lodash-amd","lodash-amd","a",[581],{"version":582,"is_range":583,"range_type":250,"version_start":584,"version_start_type":585,"version_end":586,"version_end_type":585,"fixed_in":9},">= 4.0.0, \u003C= 4.17.22",true,"4.0.0","including","4.17.22",{"ecosystem":9,"name":588,"vendor":588,"product":588,"cpe_part":579,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":589},"lodash-es",[590],{"version":582,"is_range":583,"range_type":250,"version_start":584,"version_start_type":585,"version_end":586,"version_end_type":585,"fixed_in":9},{"ecosystem":9,"name":592,"vendor":592,"product":592,"cpe_part":579,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":593},"lodash",[594,595],{"version":582,"is_range":583,"range_type":250,"version_start":584,"version_start_type":585,"version_end":586,"version_end_type":585,"fixed_in":9},{"version":596,"is_range":583,"range_type":597,"version_start":584,"version_start_type":585,"version_end":598,"version_end_type":599,"fixed_in":9},"gte4.0.0_lt4.17.23","cpe","4.17.23","excluding",{"ecosystem":9,"name":601,"vendor":601,"product":601,"cpe_part":579,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":602},"lodash.unset",[603],{"version":584,"is_range":244,"range_type":250,"version_start":584,"version_start_type":585,"version_end":584,"version_end_type":585,"fixed_in":9},{"ecosystem":605,"name":592,"vendor":605,"product":592,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":592,"source":9,"versions":607},"Npm","npm",[608],{"version":609,"is_range":583,"range_type":610,"version_start":584,"version_start_type":585,"version_end":598,"version_end_type":599,"fixed_in":9},"gte4_0_0_lt4_17_23","semver",{"ecosystem":605,"name":578,"vendor":605,"product":578,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":578,"source":9,"versions":612},[613],{"version":609,"is_range":583,"range_type":610,"version_start":584,"version_start_type":585,"version_end":598,"version_end_type":599,"fixed_in":9},{"ecosystem":605,"name":588,"vendor":605,"product":588,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":588,"source":9,"versions":615},[616],{"version":609,"is_range":583,"range_type":610,"version_start":584,"version_start_type":585,"version_end":598,"version_end_type":599,"fixed_in":9},{"ecosystem":605,"name":601,"vendor":605,"product":601,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":601,"source":9,"versions":618},[619],{"version":620,"is_range":583,"range_type":610,"version_start":584,"version_start_type":585,"version_end":621,"version_end_type":585,"fixed_in":9},"gte4_0_0_lte4_5_2","4.5.2"]