
14 matches found

RedhatCVE
added 2026/03/09 7:11 p.m., 0 views

CVE-2026-29186

A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution...

9.8 CVSS, 6.2 AI score, 0.00038 EPSS
Exploits: 0, References: 4
CVE
added 2026/03/07 3:3 p.m., 8 views

CVE-2026-29186

Summary: CVE-2026-29186 affects Backstage prior to version 1.14.3, due to a gap in the allowlist used by the @backstage/plugin-techdocs-node when processing MkDocs configuration keys. This gap enables an attacker to craft an mkdocs.yml that leads to arbitrary Python code execution, bypassing Tech...

9.8 CVSS, 5.9 AI score, 0.00038 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2026/01/30 10:15 p.m., 2 views

CVE-2026-25153

Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...

8.8 CVSS, 0.0003 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/01/30 9:31 p.m., 1 views

CVE-2026-25153

Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...

7.7 CVSS, 6.2 AI score, 0.0003 EPSS
Exploits: 0, References: 2, Affected Software: 1
CNNVD
added 2026/01/30 12:0 a.m., 2 views

Backstage Code Injection Vulnerability

Backstage is an open-source application developed by Backstage. It serves as an open platform for building developer portals. Versions of Backstage prior to 1.13.11 and 1.14.1 contained a code injection vulnerability. This vulnerability stemmed from the ability to configure malicious hooks in the...

8.8 CVSS, 6 AI score, 0.0003 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-1371

Malware in sbrugna...

6.5 CVSS, 6.4 AI score, 0.00484 EPSS
Exploits: 0, References: 5
Veracode
added 2021/06/07 7:38 a.m., 17 views

Directory Traversal

@backstage/techdocs-common is vulnerable to directory traversal. An attacker can read arbitrary system files from the environment where TechDocs documentation is built and published by setting a particular path for docsdir in mkdocs.yml...

6.5 CVSS, 3.6 AI score, 0.00484 EPSS
Exploits: 0, References: 4, Affected Software: 1
Github Security Blog
added 2021/06/04 7:9 p.m., 66 views

Path traversal

Impact: A malicious actor could read sensitive files from the environment where TechDocs documentation is built and published by setting a particular path for docsdir in mkdocs.yml. These files would then be available over the TechDocs backend API. This vulnerability is mitigated by the fact that ...

6.5 CVSS, 1.3 AI score, 0.00484 EPSS
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2021/06/04 7:9 p.m., 18 views

GHSA-PGF8-28GG-VPR6 Path traversal

Impact: A malicious actor could read sensitive files from the environment where TechDocs documentation is built and published by setting a particular path for docsdir in mkdocs.yml. These files would then be available over the TechDocs backend API. This vulnerability is mitigated by the fact that ...

6.5 CVSS, 6.2 AI score, 0.00484 EPSS
Exploits: 0, References: 4
OSV
added 2021/06/03 10:15 p.m., 13 views

CVE-2021-32662

Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In @backstage/techdocs-common versions prior to 0.6.3, a malicious actor could read sensitive files from the environment where TechDocs documentation is buil...

6.5 CVSS, 6.3 AI score
Exploits: 0, References: 3
NVD
added 2021/06/03 10:15 p.m., 12 views

CVE-2021-32662

Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In @backstage/techdocs-common versions prior to 0.6.3, a malicious actor could read sensitive files from the environment where TechDocs documentation is buil...

6.5 CVSS, 0.00484 EPSS
Exploits: 0, References: 3
Prion
added 2021/06/03 10:15 p.m., 14 views

Design/Logic Flaw

Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In @backstage/techdocs-common versions prior to 0.6.3, a malicious actor could read sensitive files from the environment where TechDocs documentation is buil...

3.5 CVSS, 6.2 AI score, 0.00484 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2021/06/03 10:0 p.m., 12 views

CVE-2021-32662 TechDocs mkdocs.yml path traversal

Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In @backstage/techdocs-common versions prior to 0.6.3, a malicious actor could read sensitive files from the environment where TechDocs documentation is buil...

6.5 CVSS, 6.4 AI score, 0.00484 EPSS
Exploits: 0, References: 3
CNNVD
added 2021/06/03 12:0 a.m., 2 views

Techdocs-common Path Traversal Vulnerability

NPM Techdocs-common is a package from npm USA. A path traversal vulnerability exists in Techdocs-common, which allows an attacker to read sensitive files from the environment where TechDocs documents are built and distributed by setting a specific path to "docsdir" in "mkdocs.yml"...

6.5 CVSS, 6.5 AI score, 0.00484 EPSS
Exploits: 0, References: 4