VYPR

npm package

shamefile

pkg:npm/shamefile

Vulnerabilities (1)

  • CVE-2026-47144May 28, 2026
    affected < 0.1.7fixed 0.1.7

    ### Impact A path traversal vulnerability in `shame next` allows an attacker-controlled `shamefile.yaml` to disclose contents of files outside the repository, one line at a time, to the terminal of a user who runs the command. See patch commit for technical details. ### Patches