CVE-2026-44728

HIGH NVD

CVSS Score 8.2

Severity HIGH

Published May 26, 2026

Vendor unknown

Description

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.

References

https://github.com/babel/babel/security/advisories/GHSA-fv7c-fp4j-7gwp