CVE-2026-15895 in jsiiinformação

Sumário

de MITRE • 15/07/2026

OS command injection in the npm package loading component in AWS jsii-diff before 1.131.0 might allow context-dependent attackers to execute arbitrary commands via crafted package specifiers passed to the npm: source argument.



To mitigate this issue, users should upgrade to jsii-diff v1.131.0 or later.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsável

AMZN

Reservar

15/07/2026

Divulgação

15/07/2026

Moderação

aceite

Entrada

VDB-379370

CPE

pronto

EPSS

0.00000

KEV

não

Atividades

muito baixo

Fontes

Might our Artificial Intelligence support you?

Check our Alexa App!