Fix CVE-2021-44906 in minimist HIGH

Fix CVE-2021-44906 (prototype pollution) in minimist for npm. Paste your package.json into PackageFix and get a patched version back — no CLI, no signup.

⚠ Vulnerability

CVE-2021-44906 — prototype pollution in minimist. Update to 1.2.6 or later.

Vulnerable Version — package.json

"minimist": "1.2.5"

Fixed Version — package.json

"minimist": "1.2.6"

✓ Fix

Update to 1.2.6 and run npm install to apply the fix.

Scan your dependencies now — paste your manifest, get a fixed version back in seconds.

Open PackageFix →

No signup · No CLI · No GitHub connection · Runs 100% in your browser

Frequently Asked Questions

What is CVE-2021-44906?

CVE-2021-44906 is a vulnerability in minimist that allows prototype pollution. Update to version 1.2.6 or later to fix it.

Is CVE-2021-44906 on the CISA KEV catalog?

Check the live CISA KEV catalog at packagefix.dev — the catalog updates daily and PackageFix always reflects the current status.

How do I fix CVE-2021-44906 in minimist?

Update minimist to version 1.2.6 or later in your package.json. Run npm install after updating.

Does CVE-2021-44906 affect all versions of minimist?

Check the OSV advisory for the exact affected version range. PackageFix shows the minimum safe version for your installed version.