V
Vexday
by TrueHacking
›
PT
ES
EN
Intelligence
▾
Intelligence
Exploit Timeline
risk queue
Threats
ransomware · malware
Overview
observatory
Explore
▾
Explore
CVEs
Technologies
Vendors
Weakness types
Briefing
Live
Home
/
Technologies
/
Bun
Vulnerabilities in
Bun
1 result
CVE-2026-24910
MEDIUM
In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list) can be spoofed by a non-npm package in the case of a match
EPSS
0.1%