Sign in Get started

← All advisories

Critical severity9.8NVD Advisory· Published May 7, 2026· Updated May 8, 2026

CVE-2025-63706

CVE-2025-63706

Description

NPM package next-npm-version1.0.1 is vulnerable to Command injection.

Affected products

1

@jswork/@jswork/next Npm Versionreferences
Package: https://npmjs.com/package/@jswork/next-npm-version

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

github.com/advisories/GHSA-2xx6-qf7x-grqhghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2025-63706ghsaADVISORY
gist.github.com/6en6ar/607368f1fc8fe429f03c6e0d9486ba72nvdWEB
github.com/afeiship/next-npm-version/issues/1nvdWEB
www.npmjs.com/package/@jswork/next-npm-versionnvdWEB

News mentions

0

No linked articles in our index yet.