PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-0775 npm CVE debrief

CVE-2026-0775 is a HIGH severity (CVSS 3.1 base score 7.0) local privilege escalation vulnerability in the npm cli. The flaw lies in npm's handling of modules: the application loads modules from a location that is not protected against modification by lower-privileged users. An attacker who can already execute low-privileged code on the target system can therefore place a module there and have it executed in the context of the target user who loads it. The vulnerability was reported by the Zero Day Initiative (listed as Zerodayinitiative). The CVE was published on January 23, 2026, and last modified on June 30, 2026.

Vendor
npm
Product
cli
CVSS
HIGH 7.0
CISA KEV
Not listed in stored evidence
Original CVE published
2026-01-23
Original CVE updated
2026-06-30
Advisory published
2026-01-23
Advisory updated
2026-06-30

Who should care

Administrators and users of any host on which the npm cli runs should be aware of this vulnerability and take steps to mitigate it. It matters most on multi-user systems (shared developer machines, build servers, CI runners) where accounts of different privilege levels coexist: exploitation requires an attacker who already has low-privileged code execution on the same host, and its impact is arbitrary code execution in the context of the target user whose npm loads the planted module, which is an escalation of privilege whenever that user is more privileged than the attacker.

Technical summary

The vulnerability exists within the handling of modules in npm cli. Modules are loaded from a location whose permissions do not prevent modification by lower-privileged users, which is why the weakness is classified as CWE-732 (Incorrect Permission Assignment for Critical Resource). An attacker with low-privileged local access can use this to influence what is loaded and execute arbitrary code in the context of the target user, escalating privileges. The CVSS 3.1 vector is CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 7.0): local attack vector, high attack complexity, low privileges required, no user interaction, unchanged scope, and high confidentiality, integrity and availability impact. The high attack complexity means exploitation depends on conditions outside the attacker's control, consistent with the attacker needing a more privileged user to actually load modules from the unsecured location.

Defensive priority

This vulnerability has a HIGH severity rating and a CVSS base score of 7.0, indicating a significant risk to affected systems. Because the attack vector is local and the attack complexity is high, it is not remotely exploitable on its own, but it is a useful second stage for an attacker who has gained a foothold as a low-privileged user. Administrators should prioritize patching or mitigating it as soon as possible, starting with multi-user hosts and any system where npm is run by root or a privileged service account.

Recommended defensive actions

  • Apply the patch or update provided by the vendor to address the vulnerability.
  • Audit the permissions of the directories npm loads modules from (the global prefix, its module and executable subdirectories, and anything on NODE_PATH) and of every parent directory above them; each should be owned by root or the intended user and must not be group- or world-writable.
  • Restrict access to the npm cli to trusted users, limit the privileges of low-privileged users, and avoid running npm as root or as a privileged service account on hosts where lower-privileged users can write to the module load path.
  • Monitor systems for suspicious activity, such as unexpected writes to global module directories or unexpected child processes of npm and node, and implement compensating controls (for example file-integrity monitoring on the global prefix) to detect and prevent exploitation.
  • Consider implementing additional security measures such as SELinux, AppArmor or other mandatory access control systems to restrict which processes may write to module directories.
  • Keep the npm cli and its dependencies up to date to ensure the latest security patches are applied.
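As an added example (not npm's code, and not tied to a specific path, since the advisory only says "an unsecured location"), here is a permission audit in the spirit of the CWE-732 classification in the technical summary and the permission-audit action in the list above: it walks the directories npm and Node load global modules from, and every parent directory above them, and reports any that are not owned by a trusted user or are group- or world-writable. The global prefix layout (lib/node_modules and bin on POSIX, node_modules on Windows) and the NODE_PATH lookup are standard npm and Node behaviour; the trusted-uid set and the constructed demo tree are assumptions made for this example.

```python
"""Audit the directories npm and Node load modules from for weak permissions.

Added example for this debrief, not npm's own code. The advisory only says
"an unsecured location", so the CWE-732 check is applied generally: every
directory from the filesystem root down to a module tree must be owned by a
trusted user and not be group- or world-writable, since a writable ancestor
lets a low-privileged local user swap the whole subtree. POSIX only.
"""
import os
import shutil
import stat
import subprocess
import tempfile


def ancestors(path):
    """Every directory from the filesystem root down to path itself."""
    path = os.path.abspath(path)
    chain = []
    while True:
        chain.append(path)
        parent = os.path.dirname(path)
        if parent == path:
            break
        path = parent
    return list(reversed(chain))


def check_directory(path, trusted_uids):
    """Findings for one path component, as a list of (path, reason)."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return []  # whoever can write the parent can create it; parent is checked
    if stat.S_ISLNK(st.st_mode):
        return [(path, "is a symlink; audit its target separately")]
    findings = []
    if st.st_uid not in trusted_uids:
        findings.append((path, f"owned by uid {st.st_uid}, not a trusted user"))
    if st.st_mode & stat.S_IWOTH:
        sticky = " (sticky bit set)" if st.st_mode & stat.S_ISVTX else ""
        findings.append((path, "world-writable" + sticky))
    elif st.st_mode & stat.S_IWGRP:
        findings.append((path, f"group-writable (gid {st.st_gid})"))
    return findings


def candidate_module_dirs(prefix, node_path=None):
    """Directories npm/Node consult for global modules (npm prefix given).
    POSIX npm: <prefix>/lib/node_modules and <prefix>/bin; Windows npm:
    <prefix>\\node_modules; NODE_PATH adds extra resolution roots."""
    dirs = [os.path.join(prefix, "lib", "node_modules"),
            os.path.join(prefix, "bin"),
            os.path.join(prefix, "node_modules")]
    if node_path:
        dirs.extend(p for p in node_path.split(os.pathsep) if p)
    return dirs


def audit_module_dirs(dirs, trusted_uids=None):
    """Check each candidate directory and every one of its ancestors once."""
    # Assumption: root and the auditing user may own module directories.
    trusted = {0, os.getuid()} | set(trusted_uids or ())
    findings, seen = [], set()
    for d in dirs:
        for component in ancestors(d):
            if component not in seen:
                seen.add(component)
                findings.extend(check_directory(component, trusted))
    return findings


def demo():
    """Constructed tree: <prefix>/lib world-writable (weak), everything else
    0755 (correct). Returns only the findings inside the constructed tree."""
    root = tempfile.mkdtemp()
    prefix = os.path.join(root, "prefix")
    modules = os.path.join(prefix, "lib", "node_modules")
    os.makedirs(modules)
    for d, mode in ((root, 0o755), (prefix, 0o755), (modules, 0o755),
                    (os.path.join(prefix, "lib"), 0o777)):
        os.chmod(d, mode)
    try:
        found = audit_module_dirs(candidate_module_dirs(prefix))
        return [f for f in found if f[0].startswith(root + os.sep)]
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    try:  # real audit: `npm config get prefix` is npm's own command
        npm = subprocess.run(["npm", "config", "get", "prefix"],
                             capture_output=True, text=True, check=True)
        dirs = candidate_module_dirs(npm.stdout.strip(), os.environ.get("NODE_PATH"))
        results = audit_module_dirs(dirs)
    except (FileNotFoundError, subprocess.CalledProcessError):
        results = demo()  # npm missing: show the constructed case instead
    for path, reason in results or [("(none)", "no weak directories found")]:
        print(f"{path}: {reason}")
```

A finding on an ancestor of the module tree matters as much as one on the tree itself: a user who can rename `lib` can replace `lib/node_modules` wholesale, which is why the audit checks the whole chain rather than just the leaf. Fixing a finding means giving the flagged directory root (or the intended user's) ownership and mode 0755, or moving the npm prefix to a location only the intended user can write; if npm is run by root on a host where the prefix sits under a user-writable path, treat that as the condition this CVE describes.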

Evidence notes

Reporter: Zero Day Initiative (listed as Zerodayinitiative). CVSS 3.1 base score 7.0, vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H. Weakness: CWE-732. Published 2026-01-23, last modified 2026-06-30. The stored evidence describes the flaw only as the npm cli loading modules from an unsecured location; it names no specific path or affected version range, and CVE-2026-0775 is not listed in CISA KEV in the stored evidence.

Official resources

This article is AI-assisted and based on the supplied source corpus.