HIGH
sebhildebrandt
CVE published 2026-05-27
CVE-2026-44724
CVE-2026-44724 is a command injection vulnerability in the systeminformation Node.js library affecting versions 4.17.0 through 5.31.5 on Linux systems. The vulnerability exists in the networkInterfaces() function, where an unsanitized NetworkManager connection profile name—obtained from nmcli device status output—is interpolated into shell command strings executed via execSync(). While the library sanitiz [truncated]