npm1 critical
systeminformation
13 known vulnerabilities · 1 critical · 5 high
Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path
Published Feb 18, 2026
Command Injection via Unsanitized `locate` Output in `versions()` — systeminformation
Published Feb 18, 2026
GHSA-hvx9-hwr7-wjj9
Systeminformation vulnerable to Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name
Published May 13, 2026
systeminformation has a Command Injection vulnerability in fsSize() function on Windows
Published Dec 16, 2025
MAL-2026-5381
Malicious code in @doaction/systeminformation (npm)
Published Jun 9, 2026
Check your entire dependency tree at onceRun dependency scan →