CVE-2025-65026 | esm-dev esm.sh up to 135 CDN Service module code injection (GHSA-hcpf-qv9m-vfgp)

A vulnerability identified as critical has been detected in esm-dev esm.sh up to 135. The impacted element is an unknown function of the component CDN Service. The manipulation of the argument module leads to code injection.

This vulnerability is traded as CVE-2025-65026. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More