CVE-2026-10796 | nvm-sh nvm up to 0.40.4 nvm_download os command injection

Inserito da Angelo Barbosa | Giu 4, 2026 | CVE

A vulnerability described as critical has been identified in nvm-sh nvm up to 0.40.4. This issue affects the function nvm_download. The manipulation results in os command injection.

This vulnerability is cataloged as CVE-2026-10796. The attack may be launched remotely. There is no exploit available.

CVE-2026-10796 | nvm-sh nvm up to 0.40.4 nvm_download os command injection

Post correlati

CVE-2024-10040 | Infinite-Scroll Plugin up to 2.6.2 on WordPress Setting cross-site request forgery

CVE-2024-5122 | SourceCodester Event Registration System 1.0 /registrar/ search sql injection

CVE-2024-7061 | Okta Verify 5.0.0/5.0.1 on Windows path traversal

CVE-2026-45130 | vim up to 9.2.0449 Spell File src/spellfile.c read_compound length heap-based overflow (GHSA-q4jv-r9gj-6cwv)