Topic: javascript vulnerability

Sort by: Relevance | Date
  • Critical RCE Flaw Found in Popular expr-eval JavaScript Library
    November 11, 2025
    100%

    Critical RCE Flaw Found in Popular expr-eval JavaScript Library

    A critical remote code execution vulnerability (CVE-2025-12735) has been found in the widely used expr-eval JavaScript library, affecting over 800,000 weekly downloads and posing severe risks to dependent applications. The flaw arises from improper validation in the Parser.evaluate() function, al...

    Read More »

Related Topics

code execution (1) security patch (1) cisa advisory (1) cve identification (1) security researcher (1) input validation (1) expression parser (1) npm downloads (1)