CVE-2025-63705 PUBLISHED

Assigner: mitre
Reserved: 27.10.2025 Published: 07.05.2026 Updated: 07.05.2026

NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js.

Product Status

Vendor n/a
Product n/a
Versions
  • Version n/a is affected

References

Problem Types

  • n/a text