CVE-2026-2265

Published: Apr 01, 2026 Last Modified: Apr 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: none

Description

AI Translation Available

An unauthenticated remote code execution (RCE) vulnerability exists in applications that use the Replicator node package manager (npm) version 1.0.5 to deserialize untrusted user input and execute the resulting object.

https://github.com/inikulin/replicator

https://github.com/inikulin/replicator/pull/19

https://morielharush.github.io/2026/03/31/cve-2026-2265-rep…

https://morielharush.github.io/2026/03/31/cve-2026-2265-replicator-deserializat…

CVE-2026-2265

Description

Iscriviti alla newsletter