Lucene search
+L

29 matches found

Snyk
Snyk
added 2026/05/12 3:6 p.m.9 views

Arbitrary Code Injection

Overview protobufjs-cli is a Translates between file formats and generates static code as well as TypeScript definitions. Affected versions of this package are vulnerable to Arbitrary Code Injection via the pbjs static code generation. An attacker can execute arbitrary code by providing crafted...

8.8CVSS6.2AI score0.00395EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/12 3:6 p.m.9 views

10minions-engine (>=0.0.1 <=0.0.4), @1amageek/document-propagator (>=0.10.1 <=1.0.0) +1530 more potentially affected by CVE-2026-44295 via protobufjs-cli (>=1.0.0 <=1.1.3)

protobufjs-cli NPM version =1.0.0, =0.0.1, =0.10.1, =1.1.0, =0.4.0, =1.22.0, =6.2.36, =1.0.0, =1.8.0, =0.0.0-beta.0, =1.0.0, =1.0.1, =3.1.0 and more Source cves: CVE-2026-44295 Source advisory: SNYK:JS-PROTOBUFJSCLI-16643441...

8.7CVSS6AI score0.00395EPSS
Exploits0
Snyk
Snyk
added 2026/05/12 3:1 p.m.13 views

Uncontrolled Recursion

Overview protobufjs-cli is a Translates between file formats and generates static code as well as TypeScript definitions. Affected versions of this package are vulnerable to Uncontrolled Recursion through unbounded recursion when decoding nested message fields. An attacker can exhaust the call...

8.7CVSS5.9AI score0.0058EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/12 3:1 p.m.7 views

@forwardimpact/libcodegen (>=0.1.47 <=0.1.52) potentially affected by CVE-2026-44289 via protobufjs-cli (=2.0.1)

protobufjs-cli NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on protobufjs-cli and may be impacted: - @forwardimpact/libcodegen =0.1.47, =0.1.52 Source cves: CVE-2026-44289 Source advisory: SNYK:JS-PROTOBUFJSCLI-16643263...

7.5CVSS5.8AI score0.0058EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/12 3:1 p.m.7 views

10minions-engine (>=0.0.1 <=0.0.4), @1amageek/document-propagator (>=0.10.1 <=1.0.0) +1530 more potentially affected by CVE-2026-44289 via protobufjs-cli (>=1.0.0 <=1.1.3)

protobufjs-cli NPM version =1.0.0, =0.0.1, =0.10.1, =1.1.0, =0.4.0, =1.22.0, =6.2.36, =1.0.0, =1.8.0, =0.0.0-beta.0, =1.0.0, =1.0.1, =3.1.0 and more Source cves: CVE-2026-44289 Source advisory: SNYK:JS-PROTOBUFJSCLI-16643263...

7.5CVSS6AI score0.0058EPSS
Exploits0
Snyk
Snyk
added 2026/05/12 2:59 p.m.9 views

Command Injection

Overview protobufjs-cli is a Translates between file formats and generates static code as well as TypeScript definitions. Affected versions of this package are vulnerable to Command Injection via pbts. An attacker can execute arbitrary shell commands by supplying file paths containing shell...

8.5CVSS6.1AI score0.00132EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/12 2:59 p.m.7 views

@forwardimpact/libcodegen (>=0.1.47 <=0.1.52) potentially affected by CVE-2026-42290 via protobufjs-cli (=2.0.1)

protobufjs-cli NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on protobufjs-cli and may be impacted: - @forwardimpact/libcodegen =0.1.47, =0.1.52 Source cves: CVE-2026-42290 Source advisory: SNYK:JS-PROTOBUFJSCLI-16643433...

7.8CVSS5.4AI score0.00132EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/12 2:59 p.m.8 views

10minions-engine (>=0.0.1 <=0.0.4), @1amageek/document-propagator (>=0.10.1 <=1.0.0) +1530 more potentially affected by CVE-2026-42290 via protobufjs-cli (>=1.0.0 <=1.1.3)

protobufjs-cli NPM version =1.0.0, =0.0.1, =0.10.1, =1.1.0, =0.4.0, =1.22.0, =6.2.36, =1.0.0, =1.8.0, =0.0.0-beta.0, =1.0.0, =1.0.1, =3.1.0 and more Source cves: CVE-2026-42290 Source advisory: SNYK:JS-PROTOBUFJSCLI-16643433...

7.8CVSS5.7AI score0.00132EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/12 2:59 p.m.12 views

@forwardimpact/libcodegen (>=0.1.47 <=0.1.52) potentially affected by CVE-2026-42290 via protobufjs-cli (=2.0.1)

protobufjs-cli NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on protobufjs-cli and may be impacted: - @forwardimpact/libcodegen =0.1.47, =0.1.52 Source cves: CVE-2026-42290 Source advisory: OSV:GHSA-F84P-CVGM-XGJJ...

7.8CVSS5.4AI score0.00132EPSS
Exploits0
Rows per page
Query Builder