Severity: Critical
CVSS Score: 5.6
All versions of package lutils are vulnerable to Prototype Pollution via the main (merge) function.