1. Critical NPM Package 'brace-expansion' Exposes Projects to Two New Vulnerabilities, Including High-Severity CVE-2026-33750
A widely used JavaScript library, 'brace-expansion', has been flagged for two newly disclosed vulnerabilities, with the most severe rated 6.5 on the CVSS scale. The findings, posted to a GitHub repository, indicate that version 2.0.1 of the package is directly affected, posing a potential risk to any project that inclu...