Description
No description available.
Recommendation
Update the happy-dom package to the latest compatible version. Followings are version details:
- Affected version(s): < 20.0.0
- Patched version(s): 20.0.0
References
Related Issues
- happy-dom's `--disallow-code-generation-from-strings` is not sufficient for isolating untrusted JavaScript - CVE-2025-62410
- PsiTransfer: Upload PATCH path traversal can create `config.<NODE_ENV>.js` and lead to code execution on restart - CVE-2026-41180
- Lobe Chat affected by Cross-Site Scripting(XSS) that can escalate to Remote Code Execution(RCE) - CVE-2026-23733
- OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment - CVE-2026-41900
You might also like:
- Tags:
- npm
- happy-dom
Anything's wrong? Let us know Last updated on October 13, 2025