A severe command injection vulnerability has been discovered in systeminformation, a widely-used Node.js library for retrieving system information. The flaw, tracked as CVE-2025-68154, allows attackers to execute arbitrary commands on Windows systems when applications pass user input to the vulnerable function. The vulnerability exists in the fsSize() function, which retrieves disk space information but fails […] The post Critical Node.js Library Flaw Lets Hackers Execute Remote Commands on Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/critical-node-js-library-flaw/
