CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

SUSE CVE•added 2026/02/21 12:24 a.m.•5 views

SUSE CVE-2026-26318

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized locate output in versions. Version 5.31.0 fixes the issue...

8.8CVSS5.8AI score0.00994EPSS

Exploits1References3

OSV•added 2026/02/19 8:25 p.m.•3 views

DEBIAN-CVE-2026-26318

8.8CVSS5.8AI score0.00994EPSS

Exploits1References1

Cvelist•added 2026/02/19 7:48 p.m.•24 views

CVE-2026-26318 systeminformation has Command Injection via Unsanitized `locate` Output in `versions()`

8.8CVSS0.00994EPSS

Exploits1References2

Vulnrichment•added 2026/02/19 7:48 p.m.•4 views

CVE-2026-26318 systeminformation has Command Injection via Unsanitized `locate` Output in `versions()`

8.8CVSS5.5AI score0.00994EPSS

Exploits1References2

OSV•added 2026/02/19 7:48 p.m.•4 views

CVE-2026-26318 systeminformation has Command Injection via Unsanitized `locate` Output in `versions()`

8.8CVSS5.6AI score0.00994EPSS

Exploits1References4

Debian CVE•added 2026/02/19 7:48 p.m.•6 views

CVE-2026-26318

8.8CVSS5.8AI score0.00994EPSS

Exploits1

CNNVD•added 2026/02/19 12:0 a.m.•4 views

systeminformation 操作系统命令注入漏洞

SystemInformation is a NPM library developed by Sebastian Hildebrandt that allows access to operating system information. Versions of SystemInformation prior to 5.31.0 contained a vulnerability related to operating system command injection, caused by uncleaned locate output in the versions...

8.8CVSS5.8AI score0.00994EPSS

Exploits1References2

Github Security Blog•added 2026/02/18 10:36 p.m.•13 views

Command Injection via Unsanitized `locate` Output in `versions()` — systeminformation

Command Injection via Unsanitized locate Output in versions — systeminformation Package: systeminformation npm Tested Version: 5.30.7 Affected Platform: Linux Author: Sebastian Hildebrandt Weekly Downloads: 5,000,000+ Repository: https://github.com/sebhildebrandt/systeminformation Severity: Mediu...

8.8CVSS6.1AI score0.00994EPSS

Exploits1References4Affected Software1

OSV•added 2026/02/18 10:36 p.m.•5 views

GHSA-5VV4-HVF7-2H46 Command Injection via Unsanitized `locate` Output in `versions()` — systeminformation

8.8CVSS6.1AI score0.00994EPSS

Exploits1References4

Positive Technologies•added 2026/02/18 12:0 a.m.•5 views

PT-2026-20783

Name of the Vulnerable Software and Affected Versions systeminformation versions prior to 5.31.0 Description The systeminformation library for node.js is susceptible to command injection through unsanitized output from the locate command within the versions function. This occurs when detecting th...

8.8CVSS6AI score0.00994EPSS

Exploits1References17

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by