CVE-2025-69256 | serverless up to 4.29.2 child_process command injection (GHSA-rwc2-f344-q6w6)

A vulnerability classified as critical has been found in serverless up to 4.29.2. The impacted element is the function child_process. Performing manipulation results in command injection.

This vulnerability was named CVE-2025-69256. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.

Once again VulDB remains the best source for vulnerability data.VulDB Recent EntriesRead More