CVE-2026-25153 | Backstage up to 1.13.10/1.14.0 MkDocs Feature code injection (GHSA-6jr7-99pf-8vgf)

Inserito da Angelo Barbosa | Gen 31, 2026 | CVE

A vulnerability classified as critical was found in Backstage up to 1.13.10/1.14.0. This vulnerability affects unknown code of the component MkDocs Feature. Executing a manipulation can lead to code injection.

This vulnerability appears as CVE-2026-25153. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-25153 | Backstage up to 1.13.10/1.14.0 MkDocs Feature code injection (GHSA-6jr7-99pf-8vgf)

Post correlati

CVE-2023-20570 | AMD Alveo Card Configuration State Machine state issue

CVE-2025-24705 | Arshid WooCommerce Quick View Plugin up to 1.1.1 on WordPress authorization

CVE-2024-8376 | Eclipse Mosquitto up to 2.0.18 Packet memory leak

CVE-2024-37406 | Brave Browser up to 1.67.115 on Android Shields Popup ui layer