Security Advisory

CVE-2025-50180

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-25 15:32:56

Last updated 2026-02-27 18:22:28

Assigner GitHub_M

State PUBLISHED

Description

esm.sh is a no-build content delivery network (CDN) for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability.

← Browse all CVEs View on cve.org ↗