CVE-2026-46421
CRITICAL SEVERITYVulnerability Description
Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service)
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
@cap-js/sqlite
External References
- https://github.com/cap-js/cds-dbs/security/advisories/GHSA-pvw4-cvr4-97p8
- https://me.sap.com/notes/3747787
- https://www.sap.com/documents/2026/05/8203a8b9-4d7f-0010-bca6-c68f7e60039b.html
- https://www.stepsecurity.io/blog/a-mini-shai-hulud-has-appeared
- https://github.com/advisories/GHSA-pvw4-cvr4-97p8
Discussion (0)
Add Comment
No comments yet. Be the first!