5 matches found
CVE-2026-32260
Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.7.0 to 2.7.1, A command injection vulnerability exists in Deno's node:childprocess polyfill shell: true mode that bypasses the fix for CVE-2026-27190. The two-stage argument sanitization in transformDenoShellCommand...
Deno 操作系统命令注入漏洞
Deno is a simple, modern, and secure JavaScript and TypeScript runtime environment developed by Deno itself. Version 2.7.0 to 2.7.1 of Deno contains a vulnerability related to operating system command injection. This vulnerability stems from a command injection issue within the node:childprocess...
Malicious Package
Overview node-polyfill-webpack-plugins is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2024-11407 Malicious code in node-polyfill-webpack-plugins (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in node-polyfill-webpack-plugins (npm)
--- -= Per source details. Do not edit below this line.=-...