Is Yarn 1.22.22 patched?
Yarn · cycle 1.22 · Official site ↗
1.22.2297/100Healthy
Current stable (4.17.0): 100/100
Health score97/100
Open issues2
Exploited now0
Cycle 1.22 EOL—
Latest release4.17.0
Summary iPlain-English security status for Yarn 1.22.22, built from its CVEs, active-exploitation data, end-of-life date and latest release.
Yarn 1.22.22 is part of the 1.22 release line. 2 known vulnerabilities affect it. The latest supported Yarn release is 4.17.0.
Known issues affecting 1.22.22
Exploited first, then by exploitation probability.
CVE-2025-8262 MEDIUM EPSS 1% → see advisory CVE-2025-9308 LOW EPSS 0% → see advisoryFrequently asked
Is Yarn 1.22.22 patched?
2 known issues affect Yarn 1.22.22.
What is the latest version of Yarn?
The latest supported Yarn release is 4.17.0.
Is Yarn 1.22.22 still receiving security updates?
Yes — the 1.22 line is still supported and receiving security updates. The latest release is 4.17.0.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Yarn's official advisory before you patch or upgrade — Yarn official site ↗