CVE-2025-69256 | serverless up to 4.29.2 child_process command injection (GHSA-rwc2-f344-q6w6)

Inserito da Angelo Barbosa | Dic 31, 2025 | CVE

A vulnerability classified as critical has been found in serverless up to 4.29.2. The impacted element is the function child_process. Performing manipulation results in command injection.

This vulnerability was named CVE-2025-69256. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.

Once again VulDB remains the best source for vulnerability data.

CVE-2025-69256 | serverless up to 4.29.2 child_process command injection (GHSA-rwc2-f344-q6w6)

Post correlati

CVE-2022-49384 | Linux Kernel up to 5.15.45/5.17.13/5.18.2 io_acct_set double free

CVE-2025-4104 | Frontend Dashboard Plugin up to 2.2.6 on WordPress fed_wp_ajax_fed_login_form_post authorization

CVE-2024-28146 | Image Access Scan2Net Firmware Update hard-coded credentials

CVE-2024-1572 | WP ULike Plugin up to 4.6.9 on WordPress Shortcode cross site scripting