Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-27606

Опубликовано: 25 фев. 2026
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (../) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:rollupjs:rollup:*:*:*:*:*:node.js:*:*
Версия до 2.80.0 (исключая)
cpe:2.3:a:rollupjs:rollup:*:*:*:*:*:node.js:*:*
Версия от 3.0.0 (включая) до 3.30.0 (исключая)
cpe:2.3:a:rollupjs:rollup:*:*:*:*:*:node.js:*:*
Версия от 4.0.0 (включая) до 4.59.0 (исключая)

EPSS

Процентиль: 49%
0.00257
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2026-27606

CVSS3: 9.8
ubuntu
около 1 месяца назад

Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.

redhat логотип

CVE-2026-27606

CVSS3: 9.1
redhat
около 1 месяца назад

Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.

debian логотип

CVE-2026-27606

CVSS3: 9.8
debian
около 1 месяца назад

Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3 ...

github логотип

GHSA-mw96-cpmx-2vgc

github
около 1 месяца назад

Rollup 4 has Arbitrary File Write via Path Traversal

EPSS

Процентиль: 49%
0.00257
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-22