Using Deno version:
deno 2.6.7 (stable, release, x86_64-unknown-linux-gnu)
v8 14.5.201.2-rusty
typescript 5.9.2

Running PoC exploit...
Exploit worked: true
VULNERABILITY CONFIRMED: Command injection via newline in shell argument

=== RESULT: VULNERABILITY CONFIRMED ===
The newline command injection vulnerability is present in this version.
Evidence: /tmp/rce_proof file was created via shell injection.
-rw-r--r-- 1 root root 0 Feb 20 14:46 /tmp/rce_proof