Vulnerabilities fixed in Semaphore 5.8.8
- Last Updated: May 29, 2026
- 1 minute read
- Semaphore
- Documentation
The following table lists the vulnerabilities resolved in Semaphore 5.8.8.
Note: A severity value such as HIGH->LOW indicates that the original severity estimation was recalculated by the development team and mitigated to the new security level.
| Severity | Vulnerability ID | Component |
|---|---|---|
| Critical->Low | BDSA-2026-6870/CVE-2026-40175 | axios |
| High->Low | BDSA-2026-6792/CVE-2025-62718 | axios |
| High->Medium | BDSA-2026-8016/CVE-2026-41239 | DOMPurify |
| High->Medium | BDSA-2026-8017/CVE-2026-41238 | DOMPurify |
| High->Medium | BDSA-2026-8018/CVE-2026-41240 | DOMPurify |
| High->Low | BDSA-2026-5762/CVE-2026-4800 | Lodash |
| High->Low | BDSA-2021-0392/CVE-2021-23337 | Lodash |
| Medium | BDSA-2026-2425/CVE-2025-69873 | ajv |
| Medium | BDSA-2026-1821/CVE-2026-25639 | axios |
| Medium | BDSA-2026-6680/CVE-2026-39865 | axios |
| Medium | BDSA-2026-8333/CVE-2026-42033 | axios |
| Medium | BDSA-2026-8341/CVE-2026-42037 | axios |
| Medium | BDSA-2026-8347/CVE-2026-42038 | axios |
| Medium | BDSA-2026-8349/CVE-2026-42034 | axios |
| Medium | BDSA-2026-8362/CVE-2026-42035 | axios |
| Medium | BDSA-2026-8364/CVE-2026-42039 | axios |
| Medium | BDSA-2026-8366/CVE-2026-42036 | axios |
| Medium | BDSA-2026-8368/CVE-2026-42042 | axios |
| Medium | BDSA-2026-8370/CVE-2026-42041 | axios |
| Medium | BDSA-2026-8371/CVE-2026-42044 | axios |
| Medium | BDSA-2026-8372/CVE-2026-42043 | axios |
| Medium | BDSA-2026-5632/CVE-2026-33750 | brace-expansion |
| Medium | BDSA-2026-3338/CVE-2025-15599 | DOMPurify |
| Medium | BDSA-2026-3349/CVE-2026-0540 | DOMPurify |
| Medium | BDSA-2026-7212 | DOMPurify |
| Medium | BDSA-2026-8458/CVE-2026-40895 | follow-redirects |
| Medium | BDSA-2026-3570/CVE-2026-29063 | immutable-js |
| Medium | BDSA-2017-4131 | inflight |
| Medium | BDSA-2026-6606 | jackson-core |
| Medium | BDSA-2026-0878/CVE-2025-13465 | Lodash |
| Medium | BDSA-2026-6064/CVE-2026-2950 | Lodash |
| Medium | BDSA-2026-2414/CVE-2026-26996 | minimatch |
| Medium | BDSA-2026-2976/CVE-2026-27903 | minimatch |
| Medium | BDSA-2026-3084/CVE-2026-2359 | multer |
| Medium | BDSA-2026-3085/CVE-2026-3304 | multer |
| Medium | BDSA-2026-3376/CVE-2026-3520 | multer |
| Medium | BDSA-2026-5656/CVE-2026-33870 | Netty Project |
| Medium | BDSA-2026-5659/CVE-2026-33871 | Netty Project |
| Medium | BDSA-2026-5638/CVE-2026-4926 | path-to-regexp |
| Medium | BDSA-2026-5639/CVE-2026-4923 | path-to-regexp |
| Medium | BDSA-2026-5635/CVE-2026-33671 | picomatch |
| Medium | BDSA-2026-5636/CVE-2026-33672 | picomatch |
| Medium | BDSA-2026-8460/CVE-2026-41305 | PostCSS |
| Medium | BDSA-2026-8026/CVE-2026-41988 | uuid |
| Medium | BDSA-2025-14250/CVE-2025-11966 | vertx-web |
| Medium | BDSA-2025-14251/CVE-2025-11965 | vertx-web |
| Medium | BDSA-2026-6463/CVE-2026-39363 | vitejs |
| Medium | BDSA-2026-6512/CVE-2026-39364 | vitejs |