Npm Cli
5 CVEs affecting Npm Cli. Latest disclosed: 2026-01-23. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-16777 | High | 7.7 | 2019-12-13 | Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritt… |
CVE-2019-16776 | High | 7.7 | 2019-12-13 | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules f… |
CVE-2019-16775 | High | 7.7 | 2019-12-13 | Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_m… |
CVE-2026-0775 | High | 7.0 | 2026-01-23 | npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected… |
CVE-2020-15095 | Medium | 4.4 | 2020-07-07 | Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<u… |