CVE-2025-9288: sha.js: Missing type checks leading to hash rewind and passing on crafted data

Severity: Critical

CVSS Score: 9.1

Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.