CVE-2026-48033 Blast Radius

HIGH • CVSS 0@hulumi/policies bypasses policy packs with a forged Pulumi-URN logical name **Affected:** `@hulumi/policies` `< 1.4.0` — **Fixed in:** `1.4.0` — **S

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-48033.