From 9802dd7c705bec3273407c6420532b0dccfcb98f Mon Sep 17 00:00:00 2001 From: orbisai0security Date: Sun, 15 Mar 2026 14:59:20 +0000 Subject: [PATCH] fix: upgrade systeminformation to 5.31.0 (CVE-2026-26318) systeminformation: systeminformation: Arbitrary code execution via unsanitized `locate` output Resolves CVE-2026-26318 --- admin/package-lock.json | 19 ++++++++++++++----- admin/package.json | 2 +- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/admin/package-lock.json b/admin/package-lock.json index 79a52da..ac4b5b9 100644 --- a/admin/package-lock.json +++ b/admin/package-lock.json @@ -64,7 +64,7 @@ "remark-gfm": "^4.0.1", "sharp": "^0.34.5", "stopword": "^3.1.5", - "systeminformation": "^5.30.8", + "systeminformation": "^5.31.0", "tailwindcss": "^4.1.10", "tar": "^7.5.11", "tesseract.js": "^7.0.0", @@ -4379,6 +4379,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4395,6 +4396,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4411,6 +4413,7 @@ "cpu": [ "arm" ], + "dev": true, "license": "Apache-2.0", "optional": true, "os": [ @@ -4427,6 +4430,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4443,6 +4447,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4459,6 +4464,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4475,6 +4481,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4491,6 +4498,7 @@ "cpu": [ "arm64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4507,6 +4515,7 @@ "cpu": [ "ia32" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -4523,6 +4532,7 @@ "cpu": [ "x64" ], + "dev": true, "license": "Apache-2.0 AND MIT", "optional": true, "os": [ @@ -15233,10 +15243,9 @@ } }, "node_modules/systeminformation": { - "version": "5.30.8", - "resolved": "https://registry.npmjs.org/systeminformation/-/systeminformation-5.30.8.tgz", - "integrity": "sha512-imB8LwJCc2DkufKlSRHfzbjhheGzpg1P31A4c55IKTq/ll6Agn1rhBOY+WmS/hyg5inGFp7AyZIK0gvq5rFO2Q==", - "license": "MIT", + "version": "5.31.0", + "resolved": "https://registry.npmjs.org/systeminformation/-/systeminformation-5.31.0.tgz", + "integrity": "sha512-z5pjzvC8UnQJ/iu34z+mo3lAeMzTGdArjPQoG5uPyV5XY4BY+M6ZcRTl4XnZqudz6sP713LhWMKv6e0kGFGCgQ==", "os": [ "darwin", "linux", diff --git a/admin/package.json b/admin/package.json index 19ffa6c..fc01737 100644 --- a/admin/package.json +++ b/admin/package.json @@ -116,7 +116,7 @@ "remark-gfm": "^4.0.1", "sharp": "^0.34.5", "stopword": "^3.1.5", - "systeminformation": "^5.30.8", + "systeminformation": "^5.31.0", "tailwindcss": "^4.1.10", "tar": "^7.5.11", "tesseract.js": "^7.0.0",