CVE-2026-42047 - Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods
CVE ID :CVE-2026-42047 Published : May 7, 2026, 8:38 p.m. | 24 minutes ago Description :Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration. Versions 3.22.0 through 3.53.1 contain a vulnerability that allows unauthent
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Harvard, Berkeley and Thousands of Schools Suffer Cyber Outage
- [CYBER] New TCLBanker malware self-spreads over WhatsApp and Outlook
- [CYBER] Hackers deface school login pages after claiming another Instructure hack
- [CYBER] Ivanti customers confront yet another actively exploited zero-day
- [CYBER] Bitlocker Bypass, AI Trust Exploits, and FreeBSD RCE Disclosures
- [CYBER] Canvas is down as ShinyHunters threatens to leak schools’ data