Or run without installing using npx: CVE-2021-44228 Log4Shell Java JNDI injection (vulnerable Log4j). CVE-2025-66478 Next.js RSC RCE Insecure deserialization in RSC Flight protocol. CVE-2024-4577 ...