Back to CVE List

CVE-2026-44728

HIGH SEVERITY

CVSS Score & Metrics

Base Score
8.2 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Vulnerability Description

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-94
Source
GitHub
Vendor
npm
Product
@babel/plugin-transform-modules-systemjs

External References

Discussion (0)

Add Comment

No comments yet. Be the first!