Skip to main content

Binary Parser

1 CVEs product

Monthly

CVE-2026-1245 npm MEDIUM PATCH This Month

Unsafe code generation in binary-parser prior to version 2.3.0 allows remote code execution when processing untrusted input for parser field names or encoding parameters. Node.js applications using vulnerable versions of the library can be compromised to execute arbitrary JavaScript with process-level privileges. A patch is available and exploitation requires no authentication or user interaction.

Node.js Code Injection Binary Parser
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unsafe code generation in binary-parser prior to version 2.3.0 allows remote code execution when processing untrusted input for parser field names or encoding parameters. Node.js applications using vulnerable versions of the library can be compromised to execute arbitrary JavaScript with process-level privileges. A patch is available and exploitation requires no authentication or user interaction.

Node.js Code Injection Binary Parser
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy