CVE-2026-42089 | yeoman environment up to 6.0.0 installLocalGenerators inclusion of functionality from untrusted control sphere (GHSA-vv9j-gjw2-j8wp)

Inserito da Angelo Barbosa | Giu 16, 2026 | CVE

A vulnerability identified as problematic has been detected in yeoman environment up to 6.0.0. Affected is the function installLocalGenerators. This manipulation causes inclusion of functionality from untrusted control sphere.

The identification of this vulnerability is CVE-2026-42089. The attack can only be executed locally. There is no exploit available.

You should upgrade the affected component.

CVE-2026-42089 | yeoman environment up to 6.0.0 installLocalGenerators inclusion of functionality from untrusted control sphere (GHSA-vv9j-gjw2-j8wp)

Post correlati

CVE-2024-52906 | IBM AIX/VIOS TCP IP Kernel denial of service

CVE-2024-35150 | IBM Maximo Application Suite 8.10.12/8.11.0/9.0.1/9.1.0 Monitor neutralization for logs

CVE-2025-9569 | Sunnet eHRD CTMS cross site scripting

CVE-2024-23773 | Quest KACE Agent 12.0.38/13.1.23.0 on Windows KSchedulerSvc.exe denial of service