[Security] 14 CVEs (12 HIGH) in dependencies + critical command injection vulnerabilities #765
Description
git add package.json package-lock.json
git commit -m "security: fix tar and seroval CVEs
- Override tar to >=7.5.7 (fixes CVE-2026-24842, CVE-2026-23745, CVE-2026-23950)
- Override seroval to >=1.4.1 (fixes CVE-2026-23957, CVE-2026-23956, CVE-2026-23736)
Fixes 12 HIGH severity vulnerabilities from npm audit