decompress npm Vulnerability CVE-2026-53486 (CVSS 9.1) Threatens 2.8 Million Weekly Downloads Vulnerability Report decompress npm Vulnerability CVE-2026-53486 (CVSS 9.1) Threatens 2.8 Million Weekly Downloads Do Son July 12, 2026 0 TL;DR A high-severity decompress npm vulnerability lets crafted archives write files outside the extraction folder. Tracked as... Read More Read more about decompress npm Vulnerability CVE-2026-53486 (CVSS 9.1) Threatens 2.8 Million Weekly Downloads