Nodejs

The undici library, when using `Socks5ProxyAgent`, is vulnerable to cross-origin request routing if a single connection pool is reused across different origins, potentially misdirecting requests and credentials, trusting responses from the wrong origin, and silently downgrading HTTPS requests to HTTP (CVE-2026-6734).

The `undici` WebSocket client is vulnerable to CVE-2026-12151, a high-severity denial of service attack where a malicious WebSocket server can stream numerous small continuation frames that bypass `maxPayloadSize` checks, causing unbounded memory growth and exhaustion in affected client processes.

A critical command injection vulnerability exists in the `npm:praisonai` package versions >= 1.2.3 and <= 1.7.1, where the `SandboxExecutor`'s `allowedCommands` policy is bypassed by allowing arbitrary shell command chaining after an allowlisted command, leading to remote code execution with the PraisonAI process privileges.

The npm package `praisonai` versions 1.5.1 through 1.7.1 contains a command injection vulnerability (GHSA-5jv7-2mjm-h6qj) in its `utility-tools.shell()` helper, which allows attackers to bypass a 'safe read-only' command allowlist by appending arbitrary shell commands with metacharacters after an allowed command, leading to arbitrary code execution with the PraisonAI process privileges.

Nodemailer versions up to 9.0.0 are vulnerable to arbitrary local file read and full-response Server-Side Request Forgery (SSRF) when handling untrusted input for the message-level `raw` option, bypassing intended security flags and allowing sensitive content to be exfiltrated via an attacker-controlled recipient.

The Lazarus Group is conducting a brandjacking campaign on npm, using dozens of malicious packages like 'buffer-utilities' to deploy a Node.js backdoor that collects host information, establishes C2 communication, and maintains persistent attacker-controlled code execution, primarily targeting developers.

CVE-2025-23167 describes a request smuggling vulnerability in Node.js 20's HTTP parser due to improper header termination, allowing attackers to bypass proxy access controls.

CVE-2026-21711 allows code running under the Node.js permission model without network access to create and expose local IPC endpoints via Unix Domain Sockets, bypassing intended network restrictions and enabling inter-process communication.

Detection of uncommon DNS requests originating from Bun or Node.js processes, potentially indicating malicious code execution following a supply chain attack.

Multiparty versions 4.2.3 and lower are vulnerable to denial of service via prototype pollution, where a crafted multipart/form-data request with a field name colliding with an Object.prototype property triggers a TypeError, leading to an uncaught exception and process crash.

The fast-jwt library is vulnerable to JWT Algorithm Confusion via Whitespace-Prefixed RSA Public Key due to an incomplete fix for CVE-2023-48223, allowing attackers to bypass intended security measures by exploiting leading whitespace in the RSA public key, enabling attackers to sign arbitrary payloads that will be accepted by the verifier, potentially leading to privilege escalation.

The node-tesseract-ocr npm package through version 2.2.1 is vulnerable to OS command injection due to improper sanitization of the file path parameter in the recognize() function, potentially allowing for arbitrary command execution.

A sandbox escape vulnerability exists in vm2 versions 3.10.5 and earlier that allows sandboxed code to crash the host Node.js process via a Promise constructor that triggers an unhandled rejection, leading to a denial-of-service condition.

This rule detects suspicious Node.js execution patterns on Windows systems, including user-writable runtimes, preload arguments, and inline eval, decode, or child-process usage, indicating potential malicious activity.