Node-windows Project Node-windows — known CVE vulnerabilities
Every CVE whose affected-product data names Node-windows Project Node-windows, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2021-45459 — CVSS 9.8 (critical): lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.