High CVE-2026-11417 OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might allow an actor who controls the value of one or more bundling properties (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary...

#Sicherheitslücke #Malware #Windows #Cloud

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[High] CVE-2026-11417 – OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-li...

VERWANDTEARTIKEL

CVE-2026-42908

CVE-2026-45639

[High] CVE-2026-53738 – Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke ...

[Medium] CVE-2026-53739 – Yoast Duplicate Post through 4.6 contains a cross-site request forgery vulnerabi...

[Medium] CVE-2026-53740 – Yoast Duplicate Post through 4.6 inserts an unescaped post title and permalink i...

[Medium] CVE-2026-53741 – Simple Link Directory through 9.0.4 interpolates the sld_no_results_found option...