CNNVD-202602-2159 Information

CNNVD ID

CNNVD-202602-2159

Related CVE

CVE-2026-0969

• CNNVD Published: 2026-02-12

Description (Chinese)

HashiCorp next-mdx-remote是美国HashiCorp公司的一个内容渲染工具。 HashiCorp next-mdx-remote 6.0.0之前版本存在安全漏洞，该漏洞源于MDX内容清理不足，可能导致任意代码执行。

Description (English)

HashiCorp next-mdx-remote is a content-reducing tool for HashiCorp in the United States. There was a security loophole in the previous version of HashiCorp next-mdx-remote 6.0.0, which stemmed from inadequate clearance of MDX content, which could lead to arbitrary code implementation.

Vulnerability Type

其他

Affected Vendor

HashiCorp

Published

2026-02-12

Last Modified

2026-02-24

References

https://discuss.hashicorp.com/t/hcsec-2026-01-arbitrary-code-execution-in-react-server-side-rendering-of-untrusted-mdx-content/77155 https://access.redhat.com/security/cve/cve-2026-0969

Patch

https://discuss.hashicorp.com/t/hcsec-2026-01-arbitrary-code-execution-in-react-server-side-rendering-of-untrusted-mdx-content/77155