CVE-2026-44728
Essential information
- Published
- 26/05/2026 18:16
- Modified
- 27/05/2026 18:21
- Author
- —
- Creator
- —
- CVSS
- 8.2 HIGH (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- LOCAL
- Attack complexity
- LOW
- Privileges required
- LOW
- User interaction
- REQUIRED
- Scope
- CHANGED
- Confidentiality impact
- HIGH
- Integrity impact
- HIGH
- Availability impact
- HIGH
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
NVD status
- Status
- Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| babel / babel | cpe:2.3:a:babel:babel:*:*:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha0:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha1:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha10:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha11:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha12:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha2:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha3:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha4:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha5:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha6:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha7:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha8:*:*:*:*:*:* |
| babel / babel | cpe:2.3:a:babel:babel:8.0.0:alpha9:*:*:*:*:*:* |