CVE-2026-32304 | locutusjs locutus up to 3.0.13 eval args/code code injection

March 13, 2026 Yanac

A vulnerability classified as critical was found in locutusjs locutus up to 3.0.13. This affects the function eval. Such manipulation of the argument args/code leads to code injection.

This vulnerability is listed as CVE-2026-32304. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2026-32598 | oneuptime up to 10.0.23 Password Reset log file
CVE-2026-32322 | stellar rs-soroban-sdk up to 22.0.10/23.5.2/25.2.x Fr Handler modulus r comparison