CRITICAL 9.8 npm
GHSA-g4rg-993r-mgx7 · CVE-2021-42740 Improper Neutralization of Special Elements used in a Command in Shell-quote
Modified: 2/4/2026
package
npm / shell-quote
pkg:npm/shell-quote
CRITICAL 9.8 npm
GHSA-qg8p-v9q4-gh34 · CVE-2016-10541 Potential Command Injection in shell-quote
Modified: 5/4/2026
HIGH 8.1 npm
GHSA-w7jw-789q-3m8p · CVE-2026-9277 shell-quote quote() does not escape newlines in object .op values
Modified: 6/10/2026