Vulnerability Database

Published: Sep 30, 2025
Updated: Jan 26, 2026
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-56572" target="_blank" rel="noopener"> CVE-2025-56572
GHSA: <a href="https://github.com/advisories/GHSA-5q7q-p8pc-782h" target="_blank" rel="noopener"> GHSA-5q7q-p8pc-782h
Severity: High
Exploit:

319,897

Total vulnerabilities in the database

An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero() parameter.

CVSS v3:

CWEs:

Software	From	Fixed in
financejs	-	4.1.0.x
ebradyjobory / finance.js	4.1.0	4.1.0.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.