Skip to main content

Esm Sh

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-65026 Go MEDIUM POC PATCH This Month

esm.sh is a nobuild content delivery network(CDN) for modern web development. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection XSS Esm Sh Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-65025 Go HIGH POC PATCH This Week

esm.sh is a nobuild content delivery network(CDN) for modern web development. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js Path Traversal Esm Sh Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-65026 Go
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

esm.sh is a nobuild content delivery network(CDN) for modern web development. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection XSS +2
NVD GitHub
CVE-2025-65025 Go
EPSS 0% CVSS 8.2
HIGH POC PATCH This Week

esm.sh is a nobuild content delivery network(CDN) for modern web development. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js Path Traversal Esm Sh +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy