Latest posts tagged with #NodeSecurity on Bluesky
fast-xml-parser (<5.3.5) CRITICAL flaw: attackers can override XML entities, causing XSS. Upgrade to 5.3.5+ now if your apps parse XML! radar.offseq.com/threat/cve-2026-25896-cw... #OffSeq #XSS #NodeSecurity
‼️ A critical issue has landed for anyone building with Elysia.js. CVE-2025-66456 allows attackers to achieve remote code execution through a prototype-pollution pathway in certain schema-validation flows. buff.ly/RCQHiLI
#ElysiaJS #CVE202566456 #RCE #AppSec #NodeSecurity #TypeScript 🧵1/5
🧮 expr-eval — a popular math evaluator — was marketed as a safer alternative to raw eval. A validation bug lets attackers slip functions or crafted prototypes into variables and break out of the sandbox, leading to #RCE. CVE-2025-12735
#NodeSecurity #SupplyChainSecurity #OpenSourceSecurity
🧵2/4
Malicious npm package targets Node.js apps via SMTP abuse—developers must audit dependencies and monitor for covert exfiltration. 📦📤 #SupplyChainRisk #NodeSecurity
buff.ly/bR2i1Jr