CVE-2026-23950 — Vulnetix

CVE-2026-23950 PUBLISHED

EPSS 0.01% · 1.0th percentile

Risk Scores

EPSS Score

0.01%

1.0th percentile

Affected Products

Vendor	Product	Versions
SAP	concur
Amazon	nodejs24
Amazon	nodejs20
Amazon	nodejs22

Exploit Intelligence

https://github.com/isaacs/node-tar/security/advisories/GHSA-r6q2-hw4h-h46w (nist-nvd)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)
pnpm-workspace.yaml (github-poc)

…and 15 more exploits

Timeline

Jan 20, 2026 EPSS Score
Jan 20, 2026 CVE Published
Jan 21, 2026 CVE Updated
Jan 23, 2026 EPSS Score
Jan 26, 2026 EPSS Score
Jan 28, 2026 EPSS Score
Jan 30, 2026 Security Advisory
Jan 31, 2026 EPSS Score
Feb 3, 2026 EPSS Score
Feb 6, 2026 EPSS Score
Feb 8, 2026 EPSS Score
Feb 11, 2026 EPSS Score

References

ALAS2023-2026-1464: nodejs20 (important) advisory
ALAS2023-2026-1465: nodejs22 (important) advisory
ALAS2023-2026-1466: nodejs24 (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›