Fabre

#1138712 node-babel7: CVE-2026-44728 #1138712

Package:: src:node-babel7

Source:: src:node-babel7

Submitter:: Moritz Mühlenhoff

Date:: 2026-06-02 18:43:02 UTC

Severity:: normal

Tags:

#1138712#5

Date:: 2026-06-02 17:42:20 UTC

From:

To:

Hi,

The following vulnerability was published for node-babel7.

CVE-2026-44728[0]:
| Babel is a compiler for writing next generation JavaScript. From
| 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile
| code that was specifically crafted by an attacker can cause Babel to
| generate output code that executes arbitrary code. This
| vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.

https://github.com/babel/babel/security/advisories/GHSA-fv7c-fp4j-7gwp


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-44728
https://www.cve.org/CVERecord?id=CVE-2026-44728

Please adjust the affected versions in the BTS as needed.

#1138712 node-babel7: CVE-2026-44728 #1138712

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)