Is path-to-regexp-updated safe to use?

path-to-regexp-updated has 1 known vulnerabilities on the latest version (). DepScope rates its health at 15/100 (critical risk).

What is the latest version of path-to-regexp-updated?

The latest version of path-to-regexp-updated is .

Yes. path-to-regexp-updated has 1 known vulnerabilities. See depscope.dev/pkg/npm/path-to-regexp-updated for details.

No, path-to-regexp-updated is actively maintained. Latest release: .

Popular alternatives to path-to-regexp-updated in npm include: debug, chalk, picomatch, source-map, has-flag.

License information for path-to-regexp-updated is not declared in the registry metadata.

npmv

0 versions0 deps

/ 100

Health

do not use

Do not install. Package is flagged as malicious (advisory MAL-2026-1808).

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

15/25

security

0/15

maturity

0/15

community

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	MAL-2026-1808	Malicious code in path-to-regexp-updated (npm)	—

🌟

0/10untyped

No type definitions available

⚠ Malicious package

This package is flagged as malicious by the OpenSSF/OSV community feed. Do not install.

Advisory: MAL-2026-1808 — Malicious code in path-to-regexp-updated (npm)

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/path-to-regexp-updated