CVE Catalog

CVE-2025-63706

Critical
Published: Translated: NVD NIST

Summary

The NPM package next-npm-version version 1.0.1 is vulnerable to Command injection, which may allow an attacker to execute unauthorized commands on the system.

Risk Assessment

Exploitation of this vulnerability could lead to system compromise or access to sensitive data.

Recommendation

It is recommended to update the next-npm-version package to the latest version to mitigate this vulnerability.

Original NVD description (English source)

NPM package next-npm-version1.0.1 is vulnerable to Command injection.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS