CVE-2025-10437

CVE-2025-10437 describes an SQL Injection vulnerability in Eksagate Webpack Management System, affecting versions through 20251119. The root cause, as stated across Red Hat/Sec reports, is improper neutralization of special elements in SQL commands. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:...

Eksagate Electronic Engineering Webpack Management System 安全漏洞

Eksagate Electronic Engineering Webpack Management System is a management system of the Turkish company Eksagate Electronic Engineering. A security vulnerability exists in Eksagate Electronic Engineering Webpack Management System 20251119 and prior versions, which stems from improper neutralizati...

PT-2025-47452

Name of the Vulnerable Software and Affected Versions Eksagate Webpack Management System versions through 20251119 Description A flaw exists in Eksagate Webpack Management System that allows for SQL Injection. This issue enables unauthorized database control without authentication. The...

EUVD-2025-178416

Malicious code in inflation-technocracy-css-minimizer-webpack-plugin-await npm...

EUVD-2025-180170

Malicious code in axios-astro-html-webpack-plugin-algol npm...

EUVD-2025-180192

Malicious code in await-async-cluster-terser-webpack-plugin npm...

MAL-2025-185890 Malicious code in bootstrap-futurology-bootstrap-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b104189a74b27deed81a647b36a22f7fbca02dfd1483495bc1805ff2b673e36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187374 Malicious code in html-webpack-plugin-hologram-stream-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f786614246d2d9d6432c8d36c1015a7c75b9a2b3c99baa78f244a48ad6eb9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188732 Malicious code in planckscale-webpack-json-neptunology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dac476c90bc256cd8261ff18ff844d1b911ddf79b4f68c7de94b528d89ddc48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gulp-yildun-lacerta-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76a274bdb3d2616b5e76f058c31ebcdd115b7a1c639d4bd9c4736f68f31c0c47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188465 Malicious code in orbit-html-webpack-plugin-xml-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08fb8c907f7e235373242f869cd54f573229f75943e3b713df6ab822fa2142e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179411

Malicious code in dagda-non-blocking-html-webpack-plugin-astrophysics npm...

EUVD-2025-179462

Malicious code in css-minimizer-webpack-plugin-framework-nextjs-upgrade npm...

MAL-2025-187030 Malicious code in fornax-janus-fusion-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0fb880a3bfb6b4d32d650b9778f2bab22b66cda0b72f0639a80bccf3fcd8cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189269 Malicious code in rollup-plugin-chai-soap-terser-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 961e8a7cfffd287292e217d76e3379b062907280f409cf0ea9836155a60343e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187372 Malicious code in html-webpack-plugin-atlas-global-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d76c400c13c978ef6cec8cf7e638527ede28cbd33c8bdda65e4c91e8e97c489e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179354

Malicious code in delphinus-passport-blazar-css-minimizer-webpack-plugin npm...

EUVD-2025-176413

Malicious code in server-filament-framework-css-minimizer-webpack-plugin npm...

Malicious code in spawn-webpack-nightwatch-slides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 318806806d481ef740dd17c622bc164b94a295e29a9282fc7c00d3951dfeaee0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176769

Malicious code in redis-astrophysics-astrophysics-webpack npm...