CVE Alerts : CVE-2026-1665 - Command Injection in nvm via NVM_AUTH_HEADER in wget code path CVE ID : CVE-2026-1665 Published : Jan. 29, 2026, 11:16 p.m. | 1 hour, 54 minutes ago Description : A command injection vulnerability exists in nvm (Node Version Manager) versions 0.40.3 and b...

See full post

CVE Alerts cve.skyfleet.blue
CVE-2026-1665 - Command Injection in nvm via NVM_AUTH_HEADER in wget code path CVE ID : CVE-2026-1665 Published : Jan. 29, 2026, 11:16 p.m. | 1 hour, 54 minutes ago Description : A command injection vulnerability exists in nvm (Node Version Manager) versions 0.40.3 and b...
CVE-2026-1665 - Command Injection in nvm via NVM_AUTH_HEADER in wget code path

A command injection vulnerability exists in nvm (Node Version Manager) versions 0.40.3 and below. The nvm_download() function uses eval to execute wget commands, and the NVM_AUTH_HEADER environment variable was not sanitized in the wget code path (though it was sanitized in the curl code path). An attacker who can set …

cvefeed.io
Jan 30, 2026 02:10
0 reposts 0 quotes 0 likes

View on Bluesky Show all post labels

An unhandled error has occurred. Reload 🗙