Lucene search
K

296 matches found

Nuclei
Nuclei
added 9 hours ago18 views

Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure

The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuratio...

10CVSS5.8AI score0.01842EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.7 views

CVE-2026-7788

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 12:30 a.m.19 views

EUVD-2026-27161

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/05 12:0 a.m.63 views

CVE-2026-7788 Axle-Bucamp MCP-Docusaurus document.py get_content path traversal

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

7.5CVSS0.0041EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/05 12:0 a.m.4 views

CVE-2026-7788 Axle-Bucamp MCP-Docusaurus document.py get_content path traversal

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References5
CVE
CVE
added 2026/05/05 12:0 a.m.32 views

CVE-2026-7788

Summary: CVE-2026-7788 affects Axle-Bucamp MCP-Docusaurus. A path traversal vulnerability exists in the file path app/routes/document.py, specifically in the functions update_document, continue_document, delete_document, and get_content, triggered by manipulating the DOCS_DIR/path argument. This ...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.7 views

MCP Docusaurus Toolkit 路径遍历漏洞

MCP Docusaurus Toolkit is a documentation management and semantic search platform developed by Bucamp Axle’s individual developers. The MCP Docusaurus Toolkit has a path traversal vulnerability, which stems from the operations on the parameter DOCSDIR/path in the functions updatedocument,...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/04 9:46 a.m.1 views

Malicious Package

Overview docusaurus-plugin-launchdarkly is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/04 9:46 a.m.8 views

Malicious code in docusaurus-plugin-launchdarkly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e875ce6b5b0d95c7100cdba68bed891c712b414716f07147e6a3f04f4f9b4789 The package docusaurus-plugin-launchdarkly was found to contain malicious code. Source: ghsa-malware...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/02/04 9:46 a.m.6 views

MAL-2026-735 Malicious code in docusaurus-plugin-launchdarkly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e875ce6b5b0d95c7100cdba68bed891c712b414716f07147e6a3f04f4f9b4789 The package docusaurus-plugin-launchdarkly was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2025/11/24 9:44 p.m.4 views

EUVD-2025-199087

Malicious code in docusaurus-plugin-vanilla-extract npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 9:44 p.m.6 views

Malicious code in docusaurus-plugin-vanilla-extract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2659e389b89fcdf1fe723b544962764d4f2881cae9694dc4107fbbb4ec077328 The package docusaurus-plugin-vanilla-extract was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 9:44 p.m.4 views

MAL-2025-190956 Malicious code in docusaurus-plugin-vanilla-extract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2659e389b89fcdf1fe723b544962764d4f2881cae9694dc4107fbbb4ec077328 The package docusaurus-plugin-vanilla-extract was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 4:31 p.m.2 views

EUVD-2025-198903

Malicious code in posthog-docusaurus npm...

6.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 4:31 p.m.7 views

Malicious code in posthog-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 317ab9fe546aa6930bf7fb3ee7c35c737d56963b41a4f3d4363abdb0ebfbfa49 The package posthog-docusaurus was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/11/24 4:31 p.m.3 views

MAL-2025-190924 Malicious code in posthog-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 317ab9fe546aa6930bf7fb3ee7c35c737d56963b41a4f3d4363abdb0ebfbfa49 The package posthog-docusaurus was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179292

Malicious code in docusaurus-bellatrix-xanthus-virgo npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179289

Malicious code in docusaurus-eventhoriz-heliophysics-neutronstar npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-186597 Malicious code in docusaurus-robotics-supercluster-sublimation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a39e2608b2f82ff530582218d014aa91796cfd3a914e2f496c0d2134cf7c5238 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder