CVE-2026-44728
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.2 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Description
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-94
Source
GitHub
Vendor
npm
Product
@babel/plugin-transform-modules-systemjs
Discussion (0)
Add Comment
No comments yet. Be the first!