VDB
CVE-2026-32887
CVE-2026-32887
PUBLISHED
CVSS 7.400000095367432 HIGH
Effect `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC
EPSS 0.02% · 3.1th percentile
Risk Scores
CVSS v3.1
7.400000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.02%
3.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Effect-TS | effect | < 3.20.0, < 3.20.0, * |
| npm | effect | 0, 0, 0 |
Timeline
- Mar 20, 2026 CVE Published
- Mar 21, 2026 EPSS Score
- Mar 21, 2026 PoC Published
- Mar 21, 2026 PoC Published
- Mar 22, 2026 EPSS Score
- Mar 22, 2026 Coalition ESS Score
- Mar 22, 2026 Security Advisory
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
- Mar 25, 2026 CVE Updated
- Mar 25, 2026 EPSS Score
- May 18, 2026 EPSS Score