{"id":"CVE-2020-26300","details":"systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fixed in version 4.26.2 with a shell string sanitation fix.","aliases":["GHSA-fj59-f6c3-3vw4"],"modified":"2026-04-10T04:26:31.453001Z","published":"2021-09-09T01:15:06.930Z","related":["GHSA-fj59-f6c3-3vw4"],"references":[{"type":"ADVISORY","url":"https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-fj59-f6c3-3vw4"},{"type":"ADVISORY","url":"https://www.npmjs.com/package/systeminformation"},{"type":"FIX","url":"https://github.com/advisories/GHSA-fj59-f6c3-3vw4"},{"type":"FIX","url":"https://github.com/sebhildebrandt/systeminformation/commit/bad372e654cdd549e7d786acbba0035ded54c607"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sebhildebrandt/systeminformation","events":[{"introduced":"0"},{"fixed":"26be10b3ac58cd537225d6cb8b8b61f3375852fe"},{"fixed":"bad372e654cdd549e7d786acbba0035ded54c607"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.26.2"}]}}],"versions":["v3.42.5","v3.42.6","v3.42.7","v3.42.8","v3.45.8","v3.45.9","v3.48.2","v3.48.3","v3.48.4","v3.51.1","v3.51.2","v3.52.0","v3.52.1","v4.0.12","v4.0.13","v4.0.14","v4.0.15","v4.0.6","v4.0.7","v4.0.9","v4.1.5","v4.1.6","v4.1.7","v4.1.8","v4.11.5","v4.11.6","v4.12.1","v4.12.2","v4.13.1","v4.13.2","v4.14.0","v4.14.10","v4.14.11","v4.14.14","v4.14.15","v4.14.3","v4.14.5","v4.14.6","v4.14.7","v4.14.9","v4.15.0","v4.15.1","v4.16.0","v4.16.1","v4.17.0","v4.17.1","v4.17.2","v4.17.3","v4.18.0","v4.18.1","v4.18.2","v4.18.3","v4.19.0","v4.19.1","v4.19.2","v4.19.3","v4.19.4","v4.2.0","v4.2.1","v4.20.0","v4.20.1","v4.21.0","v4.22.6","v4.22.7","v4.23.0","v4.23.1","v4.23.10","v4.23.2","v4.23.3","v4.23.4","v4.23.5","v4.23.6","v4.23.7","v4.23.8","v4.23.9","v4.24.0","v4.24.1","v4.25.2","v4.3.0","v4.6.1","v4.7.0","v4.7.1","v4.7.2","v4.7.3","v4.8.4","v4.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26300.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}