Babel
This hub aggregates every CVE we track for Babel, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM2LOW1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
2024-082026-07
Latest CVEs
The 6 most recently published vulnerabilities affecting Babel.
- CVE-2026-49356Babel: Arbitrary File Read via sourceMappingURL Comment in @babel/core3.2
- CVE-2026-44728Improper Control of Generation of Code when compiling specifically crafted malicious code with @babel/plugin-transform-modules-systemjs8.2
- CVE-2025-27789Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups6.2
- CVE-2023-45133Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code9.3
- CVE-2021-42771Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.7.8
- CVE-2019-1010290Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is supplied to redirect.php in a "newurl" parameter. The component is: redirect.php...6.1
Product normalization is registry-driven with AI assist and human review. How it works