CNNVD-202602-2122 Information

CNNVD ID

CNNVD-202602-2122

Related CVE

CVE-2025-56647

• CNNVD Published: 2026-02-12

Description (Chinese)

farm是Farm开源的一个web构建工具。 farm 1.7.6之前版本存在安全漏洞，该漏洞源于WebSocket缺少来源验证，可能导致攻击者监控开发者并窃取源代码。

Description (English)

Farm is a web construction tool for Farm Open Source. The previous version of farm 1.7.6 had a security loophole, which stemmed from the lack of source verification in WebSocket, which could lead the attackers to monitor the developers and steal the source code.

Vulnerability Type

其他

Affected Vendor

Farm

Published

2026-02-12

Last Modified

2026-02-24

References

https://gist.github.com/R4356th/d4372c6f83275d583c180c0e7d7332af https://github.com/farm-fe/farm/commit/83342ef06e0aea37270950fd8c930422c4df0679 https://github.com/farm-fe/farm/issues/2168

Patch

https://github.com/farm-fe/farm/releases