THREAT OPS › Threat News › Node.js Trust Falls: Dangerous Module Resolution on Windows
Node.js Trust Falls: Dangerous Module Resolution on Windows
<p class="">In September of 2024, ZDI received a vulnerability submission from an anonymous researcher affecting <a href="https://docs.npmjs.com/cli/v11">npm CLI</a> that revealed a fundamental design issue in <a href="https://nodejs.org/en">Node.js</a>. This blog details how it continues to expose applications to local privilege escalation (LPE) attacks on Windows systems, including the Discord d
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
- Malicious PackageAML.T0011.001
Indicators of compromise
- 977fd5784f875fdc2e3436ed15c444ddca63e3d7sha1
- CVE-2026-0776cve
- CVE-2026-0775cve
- https://docs.npmjs.com/cli/v11url
- https://nodejs.org/enurl
- https://nodejs.org/api/modules.html#loading-from-node-modules-foldersurl
- https://docs.npmjs.com/cli/v11/configuring-npm/package-json#optionaldependenciesurl
- https://jira.mongodb.org/browse/COMPASS-9058url
- https://jira.mongodb.org/browse/MONGOSH-2028url
- https://infosec.exchange/@thezdiurl
- https://nodejs.org/api/modules.html#loading-from-node_modules-foldersurl
- https://docs.npmjs.com/cli/v10/configuring-npm/package-json#optionaldependenciesurl
- images.squarespace-cdn.comdomain