CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1886 matches found

Cvelist•added 2025/11/07 12:43 a.m.•3 views

CVE-2025-52662

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade. More details: https://vercel.com/changelog/cve-2025-52662-xss-on-nuxt-devtools...

6.9CVSS0.00026EPSS

Exploits1References2

Vulnrichment•added 2025/11/07 12:43 a.m.•1 views

CVE-2025-52662

6.9CVSS6AI score0.00026EPSS

Exploits1References2

CVE•added 2025/11/07 12:43 a.m.•8 views

CVE-2025-52662

Nuxt DevTools contains an XSS vulnerability that could allow extraction of authentication tokens under certain configurations. The issue has been fixed in version 2.6.4, and users are advised to upgrade to mitigate the risk. Affected component: Nuxt DevTools; nature: cross-site scripting on the a...

6.9CVSS6AI score0.00026EPSS

Exploits1References2Affected Software1

CNNVD•added 2025/11/07 12:0 a.m.•1 views

Nuxt DevTools 安全漏洞

Nuxt DevTools is an open source set of visualization tools from Nuxt. A security vulnerability exists in Nuxt DevTools version 2.6.4 that stems from the possibility of extracting Nuxt authentication tokens via cross-site scripting under certain configurations...

6.9CVSS6.2AI score0.00026EPSS

Exploits1References3

Positive Technologies•added 2025/11/07 12:0 a.m.•2 views

PT-2025-45398

Name of the Vulnerable Software and Affected Versions Nuxt DevTools versions prior to 2.6.4 Description A flaw exists in Nuxt DevTools that could allow the extraction of Nuxt authentication tokens through a cross-site scripting XSS attack, under specific configurations. Recommendations Update to...

6.9CVSS5.8AI score0.00026EPSS

Exploits1References6

GithubExploit•added 2025/11/06 6:46 a.m.•189 views

Exploit for OS Command Injection in Nestjs Devtools-Integration

PoC exploit for CVE-2025-54782, a vulnerability in an unspecifie...

9.4CVSS8.1AI score0.35077EPSS

Exploits4

GithubExploit•added 2025/10/22 9:48 a.m.•166 views

Exploit for Cross-Site Request Forgery (CSRF) in Nestjs Devtools-Integration

CVE-2025-54...

9.4CVSS7AI score0.35077EPSS

Exploits4

OSSF Malicious Packages•added 2025/10/21 7:21 a.m.•2 views

Malicious code in @jdtaro/dynamic-devtools-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31153e0cd25bffc9c1582e7fe176e131e49c4a1fdfdc58c55cdf25dcd99a5b55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

Snyk•added 2025/10/21 7:21 a.m.•1 views

Malicious Package

Overview @jdtaro/dynamic-devtools-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS6.8AI score

Exploits0References2