2 matches found
CVE-2026-44728 Improper Control of Generation of Code when compiling specifically crafted malicious code with @babel/plugin-transform-modules-systemjs
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...
@2kk/miniprogram-ci (>=0.0.2 <=0.0.8), @agilejs/cli (=1.0.0) +326 more potentially affected by CVE-2026-44728 via @babel/plugin-transform-modules-systemjs (>=7.12.1 <=7.29.0)
@babel/plugin-transform-modules-systemjs NPM version =7.12.1, =0.0.2, =1.0.0, =7.21.4-esm.2, =2.1.0-alpha.0, =2.1.0-alpha.0, =2.1.0-alpha.0, =2.1.0-alpha.74, =1.0.0, =1.1.5 and more Source cves: CVE-2026-44728 Source advisory: OSV:GHSA-FV7C-FP4J-7GWP...