Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 5:2 a.m.8 views

CVE-2026-49356

A flaw was found in @babel/core. This vulnerability allows an attacker, who controls the input source code and can read the output, to perform an arbitrary file read. By compiling maliciously crafted code containing a sourceMappingURL comment, the attacker can read any source map file from the...

3.6CVSS6AI score0.00116EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-49356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingUR...

3.6CVSS6.2AI score0.00116EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 6:16 p.m.3 views

DEBIAN-CVE-2026-49356

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...

3.6CVSS6AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:7 p.m.4 views

CVE-2026-49356

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...

3.2CVSS6AI score0.00116EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/22 4:7 p.m.29 views

CVE-2026-49356 Babel: Arbitrary File Read via sourceMappingURL Comment in @babel/core

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...

3.2CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 4:7 p.m.56 views

CVE-2026-49356

CVE-2026-49356 affects @babel/core (Babel) prior to versions 8.0.0-rc.6 and 7.29.6. The issue allows an arbitrary file read via a sourceMappingURL comment in the input code, enabling reading of source maps from the system running Babel when the attacker controls the input source code and knows th...

3.6CVSS6AI score0.00116EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/06/22 4:7 p.m.6 views

CVE-2026-49356

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...

3.6CVSS6AI score0.00116EPSS
Exploits0
OSV
OSV
added 2026/06/15 5:14 p.m.43 views

GHSA-4X5R-PXFX-6JF8 @babel/core: Arbitrary File Read via sourceMappingURL Comment

Impact Using @babel/core to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...

3.2CVSS5.4AI score0.00116EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/15 5:14 p.m.98 views

@babel/core: Arbitrary File Read via sourceMappingURL Comment

Impact Using @babel/core to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...

3.6CVSS5.3AI score0.00116EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49556

Name of the Vulnerable Software and Affected Versions @babel/core versions prior to 7.29.6 @babel/core versions prior to 8.0.0-rc.6 Description Compiling maliciously crafted code using @babel/core can allow an attacker to read any source map from the system. This occurs when the attacker controls...

3.6CVSS5.9AI score0.00116EPSS
Exploits0References8
Rows per page
Query Builder