VIR Vulnerability Intelligence Relay

Package impact

npm npm / @backstage/backend-defaults

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-24048 unknown 4mo ago Backstage has a Possible SSRF when reading from allowed URL's in `backend.reading.allow`
CVE-2026-24046 unknown 4mo ago Backstage has a Possible Symlink Path Traversal in Scaffolder Actions