Activity

StuMason/coolify-mcp

StuMason/coolify-mcp

TypeScript

Pull Request Merged

PR #148 merged: fix(security): update handlebars to 4.7.9 (CRITICAL CVE-2026-33937)

Security Update

Updates handlebars to ^4.7.9 via npm overrides to resolve the following vulnerabilities:

CVE-2026-33937 (CRITICAL) — JavaScript Injection via AST Type Confusion
CVE-2026-33938 (HIGH)
CVE-2026-33939 (HIGH)
CVE-2026-33940 (HIGH)
CVE-2026-33941 (HIGH)

Handlebars is a transitive dependency, so this uses the overrides field in package.json to force the patched version.

+6

additions

-3

deletions

2

files changed

Apr 2, 2026 at 11:43 AM