Post #78885

🚨 GitHub 监控消息提醒 🚨发现关键词：#CVE-2026 📦项目名称：CVE-2026-npm-bin-links-RCE-Exploit 👤项目作者：Anh-Khoa-PC 🛠开发语言： JavaScript ⭐Star数量： 0 | 🍴Fork数量： 0 📅更新时间： 2026-04-05 05:39:49 📝项目描述： A critical Path Traversal vulnerability exists in the @npmcli/bin-links library due to insufficient sanitization of the bin field in package.json. By crafting a malicious package with traversal sequences (e.g., ../../), an attacker can escape the intended node_modules/.bin directory during installation. 🔗点击访问项目地址