SecAlerts
CVE ListPricingSign Up
isaacs logo

isaacs

Security Risk Profile

40
/100
medium

Security Risk Score

Comprehensive risk assessment based on 9 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from April 23, 2019 to present

9
Total CVEs
8
Critical+High
0
Exploited
0
Unpatched

Threat Assessment

Avg CVSS
7.8
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
0
Critical/High
Risk Level
40/100
medium

Severity Distribution

Critical
0
High
8
Medium
1
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
7

Age Distribution

Common Weaknesses (CWE)

1
Path Traversal
5
2
CSRF
1
3
Race Condition
1
4
OS Command Injection
1
5
Command Injection
1

Most Affected Products

1. npm/tar9
2. isaacs Tar Node.js7
3. IBM watsonx.data intelligence5
4. npm/node-tar4
5. F5 BIG-IP (iRulesLX/iAppsLX)3

Recent Vulnerabilities

See more →
CVE-2026-31802
CVSS 8.2EPSS 0%high

node-tar Symlink Path Traversal via Drive-Relative Linkpath

3/9/2026
CVE-2026-29786
CVSS 8.2EPSS 0%high

node-tar: Hardlink Path Traversal via Drive-Relative Linkpath

3/5/2026
CVE-2026-26960
CVSS 7.1EPSS 0%high

node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction

2/18/2026
CVE-2026-24842
CVSS 8.2EPSS 0%high

node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal

1/28/2026
CVE-2026-23950
CVSS 8.8EPSS 0%high

node-tar has Race Condition in Path Reservations via Unicode Ligature Collisions on macOS APFS

1/20/2026
CVE-2026-23745
CVSS 8.2EPSS 0%high

node-tar Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization

1/16/2026
CVE-2025-64756
CVSS 7.5high

glob CLI: Command injection via -c/--cmd executes matches with shell:true

11/17/2025
CVE-2024-28863
CVSS 6.5EPSS 0%medium

node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation

3/21/2024
CVE-2018-20834
CVSS 7.5high
4/23/2019

Monitor isaacs in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.