CVE-2026-26318 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` outp…
High CVSS: 8.8

CVE-2026-26318

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` output in `versions()`. Version 5.31.0 fixes the issue.
Vendor
Systeminformation
Product
Systeminformation
CWE
CWE-78
Yayın Tarihi
2026-02-19 20:25:44
Güncelleme
2026-02-20 19:51:20
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-78 Systeminformation HIGH Systeminformation 2026

Referanslar

https://github.com/sebhildebrandt/systeminformation/commit/b67d3715eec881038ccbaace2f2711419ac3e107 https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-5vv4-hvf7-2h46