Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available

Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available

Two critical flaws (CVE-2025-6545, CVE-2025-6547, CVSS 9.1) in pbkdf2 npm package allow silent compromise of cryptographic keys. Update to 3.1.3+ immediately!