Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-30235

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00059EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/09/21 12:11 a.m.17 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

5.4CVSS6.7AI score0.00059EPSS
Exploits1References1
Snyk
Snykadded 2025/09/19 6:31 a.m.2 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview @digitalocean/do-markdownit is a Markdown-It plugin for the DigitalOcean Community. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' in the callout and fenceenvironment plugins when allowedClasses or allowedEnvironments is...

9.8CVSS6.6AI score0.00059EPSS
Exploits1References2
OSV
OSVadded 2025/09/19 6:31 a.m.3 views

GHSA-2H8J-8R9P-849F @digitalocean/do-markdownit has Type Confusion vulnerability

Overview A type confusion issue exists in the @digitalocean/do-markdownit package. In the callout and fenceenvironment plugins, the allowedClasses and allowedEnvironments options are expected to be arrays of strings. If these options are provided as a single string, the code applies .includes...

5.4CVSS6.7AI score0.00059EPSS
Exploits1References4
OSV
OSVadded 2025/09/19 4:16 a.m.2 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

9.8CVSS6.8AI score
Exploits0References3
NVD
NVDadded 2025/09/19 4:16 a.m.2 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

9.8CVSS0.00059EPSS
Exploits1References3
CNNVD
CNNVDadded 2025/09/19 12:0 a.m.4 views

do-markdownit 安全漏洞

do-markdownit is an open source plugin from DigitalOcean. A security vulnerability exists in do-markdownit 1.16.1 and earlier versions, which stems from the callout and fenceenvironment plugins performing .includes substring matching on allowedClasses or allowedEnvironments, which could lead to a...

9.8CVSS6.3AI score0.00059EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/09/19 12:0 a.m.2 views

CVE-2025-59717

In the @digitalocean/do-markdownit package through 1.16.1 in npm, the callout and fenceenvironment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string instead of an array...

5.4CVSS6.5AI score0.00059EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/09/19 12:0 a.m.4 views

PT-2025-38507

Name of the Vulnerable Software and Affected Versions @digitalocean/do-markdownit versions through 1.16.1 Description The callout and fence environment plugins in the @digitalocean/do-markdownit package perform .includes substring matching if allowedClasses or allowedEnvironments is a string...

9.8CVSS6.4AI score0.00059EPSS
Exploits1References12
Rows per page
Query Builder