CVE-2016-10664
The CVE-2016-10664 issue affects the mystem Node.js wrapper for Yandex MyStem, where binary resources are downloaded over HTTP. This enables a MITM attacker with network access to swap the requested binary for a malicious one, potentially causing remote code execution on the host. The affected be...