CVE-2026-27190

High CVSS: 8.1

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:child_process implementation. This vulnerability is fixed in 2.6.8.

Vendor

Deno

Product

Deno

CWE

CWE-78

Yayın Tarihi

2026-02-20 21:19:28

Güncelleme

2026-03-02 13:35:52

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-78 Deno HIGH Deno 2026

Referanslar

https://github.com/denoland/deno/commit/9132ad958c83a0d0b199de12b69b877f63edab4c https://github.com/denoland/deno/releases/tag/v2.6.8 https://github.com/denoland/deno/security/advisories/GHSA-hmh4-3xvx-q5hr

Benzer Kayıtlar

High

CVE-2026-32260

Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.7.0 to 2.7.1, A command injection vulnerability exist…

Critical

CVE-2026-22863

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.6.0, node:crypto doesn't finalize cipher. The vulner…

High

CVE-2026-22864

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows b…

High

CVE-2025-61787

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions prior to 2.5.3 and 2.2.15 are vulnerable to Command…

Low

CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, `Deno.FsFile.prototype…

Low

CVE-2025-61785

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, `Deno.FsFile.prototype…