hik-mapbox (>=0.0.1 <=1.4.3) potentially affected by unknown CVE via @antv/l7-three (=2.25.4)

@antv/l7-three NPM version =2.25.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/l7-three and may be impacted: - hik-mapbox =0.0.1, =1.4.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4052...

org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:canvg (>=1.5.2 <=1.5.3) +14 more potentially affected by CVE-2026-41675 via org.webjars.npm:xmldom (>=0.1.31 <=0.6.0)

org.webjars.npm:xmldom MAVEN version =0.1.31, =1.5.2, =0.7.2, =0.14.0, =0.11.0, =7.14.0, =2.7.0, =2.9.2 and more Source cves: CVE-2026-41675 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16134553...

CVE-2026-2580

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 4.9.1 due to insufficient escaping on the user supplied parameter and lack of...

Malicious Package

Overview mapbox-demo-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

@mapbox/vnu-validate-html (=0.1.0), @northernbeat/gulp-tasks (>=1.0.48 <=1.0.50) +32 more potentially affected by CVE-2025-15104 via vnu-jar (>=16.12.27 <=25.12.31)

vnu-jar NPM version =16.12.27, =1.0.48, =1.0.3, =0.9.0, =0.1.1, =0.7.0, =0.1.2, =0.6.0, =8.1.0, =9.1.1, =1.0.0, =1.1.2, =2.0.0 and more Source cves: CVE-2025-15104 Source advisory: OSV:GHSA-FCCG-7W3P-W66F...

CVE-2022-38216

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...

MAL-2025-191045 Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...

Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199160

Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode npm...

Malicious code in @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e4c029f895b6e2e59e54d01b72927b97daa87a560816829220a1b62775221ae The package @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-198655

Malicious code in @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode npm...

CVE-2025-62942

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...

EUVD-2025-35999

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...

CVE-2025-62942

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...

CVE-2025-62942

CVE-2025-62942 is a stored XSS in WP Mapbox GL JS Maps (Tempranova) affecting versions

CVE-2025-62942 WordPress WP Mapbox GL JS Maps plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...

CVE-2025-62942 WordPress WP Mapbox GL JS Maps plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...

WordPress plugin WP Mapbox GL JS Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site...

PT-2025-43818

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...

WordPress WP Mapbox GL JS Maps plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Mapbox GL JS Maps versions = 3.0.1...