CVE-2025-63706 | THREATINT

Description

NPM package next-npm-version1.0.1 is vulnerable to Command injection.

PUBLISHED Reserved 2025-10-27 | Published 2026-05-07 | Updated 2026-05-07 | Assigner mitre

References

github.com/afeiship/next-npm-version/issues/1

www.npmjs.com/package/@jswork/next-npm-version

gist.github.com/6en6ar/607368f1fc8fe429f03c6e0d9486ba72

cve.org (CVE-2025-63706)

nvd.nist.gov (CVE-2025-63706)

Download JSON

help @ threatint.eu