
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
zigbee2mqtt-frontend
Advanced tools
[](https://github.com/nurikk/zigbee2mqtt-frontend/actions/workflows/node.js.yml) [](https://github.com/nurikk/zigbee2mqtt-frontend/actions/workflows/node.js.yml) [.
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.