CVE Field Guide
About Us
CVE-2025-63706
PUBLISHED
Assigner:
mitre
Reserved:
27.10.2025
Published:
07.05.2026
Updated:
07.05.2026
NPM package next-npm-version1.0.1 is vulnerable to Command injection.
Product Status
Vendor
n/a
Product
n/a
Versions
Version n/a is affected
References
https://github.com/afeiship/next-npm-version/issues/1
https://www.npmjs.com/package/@jswork/next-npm-version
https://gist.github.com/6en6ar/607368f1fc8fe429f03c6e0d9486ba72
Problem Types
n/a
text