Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/systeminformation@5.3.1
purl pkg:npm/systeminformation@5.3.1
Next non-vulnerable version 5.6.4
Latest non-vulnerable version 5.31.6
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-fen5-17u8-efbs
Aliases:
CVE-2021-21388
GHSA-jff2-qjw8-5476
OS Command Injection systeminformation is an open source system and OS information library for node.Please upgrade to If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() and other commands. Only allow strings, reject any arrays. String sanitation works as expected.
5.6.4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-us5p-3w2r-13e6 Command Injection Vulnerability command injection vulnerability CVE-2021-21315
GHSA-2m8v-572m-ff2v

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T20:50:20.039707+00:00 GitLab Importer Affected by VCID-fen5-17u8-efbs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/systeminformation/CVE-2021-21388.yml 38.6.0
2026-06-04T17:28:40.890635+00:00 GithubOSV Importer Fixing VCID-us5p-3w2r-13e6 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/02/GHSA-2m8v-572m-ff2v/GHSA-2m8v-572m-ff2v.json 38.6.0
2026-06-04T16:20:49.024846+00:00 GitLab Importer Fixing VCID-us5p-3w2r-13e6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/systeminformation/CVE-2021-21315.yml 38.6.0