Deno Security Vulnerabilities (CVEs)
Track 16 security vulnerabilities affecting Deno products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes a command injection vulnerability in Deno's node:child_process implementation that allows attackers to execute arbitrary commands o...
Feb 20, 2026Deno's node:crypto module before version 2.6.0 fails to properly finalize cipher operations, allowing attackers to perform infinite encryption attempt...
Jan 15, 2026This vulnerability allows attackers to bypass Deno's security restrictions on Windows by using case variations in file extensions (.BAT, .Bat instead ...
Jan 15, 2026This CVE describes a command injection vulnerability in Deno on Windows systems. When Deno executes batch files (.bat, .cmd) on Windows, the underlyin...
Oct 8, 2025This vulnerability allows attackers to bypass Deno's permission system for database read/write operations using the ATTACH DATABASE SQL statement. It ...
Jun 4, 2025This CVE describes a permission precedence vulnerability in Deno where 'deny' flags don't properly override 'allow' flags when both are specified for ...
Jun 4, 2025This vulnerability in Deno runtime versions 1.46.0 through 2.1.6 fails to validate AES-GCM authentication tags, allowing tampered ciphertexts to go un...
Jun 3, 2025Deno 1.44.0 incorrectly sends .npmrc authentication credentials to tarball URLs on different domains when a private registry provides cross-domain tar...
Jun 6, 2024This CVE describes a sandbox escape vulnerability in Deno where granting file read/write permissions could unintentionally provide broader system acce...
May 7, 2024This vulnerability allows attackers to bypass Deno's permission prompts by injecting ANSI escape sequences into standard input during a race condition...
Apr 18, 2024This vulnerability in Deno runtime version 1.39.0 allows arbitrary file descriptor manipulation, enabling attackers to bypass permission prompts and a...
Mar 21, 2024This vulnerability in Deno's Node.js compatibility layer allows cross-session data contamination during simultaneous asynchronous reads from Node.js s...
Mar 21, 2024This vulnerability in Deno's file sandbox allows attackers to bypass directory restrictions via symbolic links. When Deno is run with write permission...
Jun 12, 2022This critical vulnerability in Deno runtime allows malicious code to bypass all permission checks and execute arbitrary shell commands with full syste...
Mar 25, 2022CVE-2021-42139 is a critical code injection vulnerability in Deno Standard Modules that allows remote code execution when processing untrusted YAML fi...
Oct 11, 2021This vulnerability allows Deno modules imported dynamically via import() or new Worker to bypass network and file system permission checks when static...
May 28, 2021Why Monitor Deno Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 16+ known vulnerabilities affecting Deno products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Deno packages in under 60 seconds. No agents required - completely agentless scanning that works across Deno deployments.
Free vulnerability database: Access detailed information about every Deno CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Deno CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
