JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

Claude Code is an AI-powered code analysis and generation tool developed by Anthropic that helps developers write, review, and debug code across multiple programming languages. It can understand complex codebases, suggest improvements, and assist in writing secure, efficient code.

Claude Code

Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-23947	CRITICAL	9.3	JavaScript	@orval/core	No	Yes	Jan 20, 2026
CVE-2026-23950	HIGH	8.8	JavaScript	grafana-graphite	No	Yes	Jan 20, 2026
CVE-2026-22037	HIGH	8.4	JavaScript	@fastify/express	No	Yes	Jan 19, 2026
CVE-2026-23522	LOW	3.7	JavaScript	@lobehub/chat	No	No	Jan 19, 2026
CVE-2025-66803	LOW	1.7	JavaScript	@hotwired/turbo	No	Yes	Jan 20, 2026

CVE-2025-64755:
JavaScript vulnerability analysis and mitigation

8.7

Related JavaScript vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-64755: JavaScript vulnerability analysis and mitigation