2 matches found
CVE-2026-48068
@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming HTTP/2 stream initiation can cause a server process created using @grpc/grpc-js to crash. This issue is fixed in...
CVE-2026-48068 vulnerabilities
Vulnerabilities for packages: jitsucom-jitsu, opentelemetry-auto-instrumentations-node, pulumi, gemini-cli, kibana, langfuse-fips, langfuse, cadence-web...