RCE in Sebhildebrandt Systeminformation
CVE-2026-50289
systeminformation is a System and OS information library for node.js. Prior to 5.31.7, networkInterfaces() on Linux is vulnerable to OS command injection through the Debian/Ubuntu interfaces(5) source directive because lib/network.js check…
Vulnerability class: Command Injection (OS Command Injection)
Affected products
- Sebhildebrandt Systeminformation — versions < 5.31.7
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)