UBUNTU-CVE-2026-44728
- Source
- https://ubuntu.com/security/CVE-2026-44728
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44728.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-44728
- Upstream
- Published
- 2026-05-26T18:16:00Z
- Modified
- 2026-06-12T09:01:24.519522569Z
- Severity
-
- 8.2 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
- References
Affected packages
Ubuntu:22.04:LTS / node-babel7
Package
- Name
- node-babel7
- Purl
- pkg:deb/ubuntu/node-babel7?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / node-babel7
Package
- Name
- node-babel7
- Purl
- pkg:deb/ubuntu/node-babel7?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
7.*
7.20.15+ds1+~cs214.269.168-4
7.20.15+ds1+~cs214.269.168-5
7.20.15+ds1+~cs214.269.168-6
7.20.15+ds1+~cs214.269.168-6build1
Ecosystem specific
{
"binaries": [
{
"binary_version": "7.20.15+ds1+~cs214.269.168-6build1",
"binary_name": "node-babel7"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-6build1",
"binary_name": "node-babel7-debug"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-6build1",
"binary_name": "node-babel7-runtime"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-6build1",
"binary_name": "node-babel7-standalone"
}
]
}
Ubuntu:25.10 / node-babel7
Package
- Name
- node-babel7
- Purl
- pkg:deb/ubuntu/node-babel7?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "7.20.15+ds1+~cs214.269.168-8",
"binary_name": "node-babel7"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-8",
"binary_name": "node-babel7-debug"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-8",
"binary_name": "node-babel7-runtime"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-8",
"binary_name": "node-babel7-standalone"
}
]
}
Ubuntu:26.04:LTS / node-babel7
Package
- Name
- node-babel7
- Purl
- pkg:deb/ubuntu/node-babel7?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
7.*
7.20.15+ds1+~cs214.269.168-8
7.20.15+ds1+~cs214.269.168-9
7.20.15+ds1+~cs214.269.168-11build1
7.20.15+ds1+~cs214.269.168-14
7.20.15+ds1+~cs214.269.168-16
Ecosystem specific
{
"binaries": [
{
"binary_version": "7.20.15+ds1+~cs214.269.168-16",
"binary_name": "node-babel7"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-16",
"binary_name": "node-babel7-debug"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-16",
"binary_name": "node-babel7-runtime"
},
{
"binary_version": "7.20.15+ds1+~cs214.269.168-16",
"binary_name": "node-babel7-standalone"
}
]
}