CVE-2026-9673 – Json-2-Csv CSV Injection

CVE ID :CVE-2026-9673

Published : May 28, 2026, 6:16 a.m. | 15 minutes ago

Description :Versions of the package json-2-csv from 3.15.0 and before 5.5.11 are vulnerable to CSV Injection via the preventCsvInjection option which can be bypassed. An attacker can inject formulas into CSV files, which execute when the files are opened in spreadsheet applications.

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9803 – Keycloak: keycloak: denial of service via malformed authorization header

CVE-2026-9802 – Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

CVE-2026-9801 – Keycloak: keycloak: denial of service via malformed ldap password policy response

CVE-2026-9798 – Keycloak: keycloak: brute-force protection bypass in ciba flow