2 matches found
CVE-2026-11417
creationtimestamp| type| source ---|---|--- 2026-06-10 20:21:33+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mnxjynboly2i 2026-06-13 19:00:11+00:00| published-proof-of-concept| Telegram/UUlhUbRH-lM0c2HkqQnuE7VUmZM0B1Eg2dBpWy1dBuIGV4 2026-06-13 21:00:04+00:00|...
CVE-2026-11417
OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 2.246.0 on Windows might allow an actor who controls the value of one or more bundling properties externalModules, define, loader, inject, or esbuildArgs to execute arbitrary commands on the host...