CVE-2026-24910 Blast Radius

MEDIUM • CVSS 5.9In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list) can be spoofed by a non-npm package in the case of a matching name (…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-24910.

Start Free Scan →← Back to CVE-2026-24910