Количество 3
Количество 3
CVE-2026-27971
Qwik is a performance focused javascript framework. qwik <=1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where require() is available at runtime. This vulnerability is fixed in 1.19.1.
CVE-2026-27971
Qwik is a performance focused javascript framework. qwik <=1.19.0 is v ...
GHSA-p9x5-jp3h-96mm
Qwik vulnerable to Unauthenticated RCE via server$ Deserialization
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-27971 Qwik is a performance focused javascript framework. qwik <=1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where require() is available at runtime. This vulnerability is fixed in 1.19.1. | CVSS3: 9.8 | 23% Средний | 27 дней назад |
| CVE-2026-27971 Qwik is a performance focused javascript framework. qwik <=1.19.0 is v ... | CVSS3: 9.8 | 23% Средний | 27 дней назад |
| GHSA-p9x5-jp3h-96mm Qwik vulnerable to Unauthenticated RCE via server$ Deserialization | 23% Средний | 28 дней назад |
Уязвимостей на страницу