2 matches found
CVE-2026-53633
A flaw was found in Vitest Browser Mode, a component of the Vitest testing framework. The cdp API exposed raw Chrome DevTools Protocol CDP methods without proper security restrictions. This vulnerability allows a remote attacker, with access to browser API metadata, to leverage CDP functions like...
GHSA-7F5C-RPF4-86P8 Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs
The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...