1. CVE-2025-59342: Critical Arbitrary File Write Vulnerability in esm.sh (v136 and earlier)
A critical path traversal vulnerability in the popular JavaScript CDN and ESM transpiler, esm.sh, has been publicly documented, allowing attackers to write arbitrary files to the server. The flaw, tracked as CVE-2025-59342, affects versions v136 and earlier. This is not a theoretical risk; the vulnerability template ha...