pkg:npm/systeminformation

13 total CVEsCRITICAL1HIGH10MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • HIGH7.8CVE-2021-21315⚠ KEVCommand Injection Vulnerability
    from 0, < 5.3.1
  • CRITICAL9.8CVE-2023-42810systeminformation SSID Command Injection Vulnerability
    >= 5.0.0, < 5.21.7
  • HIGH8.9CVE-2021-21388Command Injection Vulnerability in systeminformation
    from 0, < 5.6.4
  • HIGH8.8CVE-2026-26318Command Injection via Unsanitized `locate` Output in `versions()` — systeminformation
    from 0, < 5.31.0
  • HIGH8.8CVE-2020-7752systeminformation command injection vulnerability
    from 0, < 4.27.11
  • HIGH8.4CVE-2026-26280Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path
    from 0, < 5.30.8
  • HIGH8.1CVE-2025-68154systeminformation has a Command Injection vulnerability in fsSize() function on Windows
    from 0, < 5.27.14
  • HIGH8.1CVE-2020-26245Prototype Pollution in systeminformation
    from 0, < 4.30.5
  • HIGH7.8CVE-2026-44724Systeminformation vulnerable to Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name
    >= 4.17.0, < 5.31.6
  • HIGH7.8CVE-2024-56334Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID)
    from 0, < 5.23.7
  • HIGH7.3CVE-2020-7778OS Command Injection in systeminformation
    from 0, < 4.30.2
  • MEDIUM6.4CVE-2020-26274Command Injection Vulnerability in systeminformation
    from 0, < 4.31.1
  • MEDIUM5.9CVE-2020-26300Command Injection in systeminformation
    from 0, < 4.26.2