
9 matches found

OSV
added 2025/12/02 1:25 a.m., 2 views

GHSA-4FH9-H7WG-Q85M mdast-util-to-hast has unsanitized class attribute

Impact Multiple unprefixed classnames could be added in markdown source by using character references. This could make rendered user supplied markdown code elements appear like the rest of the page. The following markdown: markdown jsxss Would create If your page then applied .xss classes or...

CVSS 6.9, AI score 5.8, EPSS 0.00086
Exploits 0, References 5
CVE
added 2025/12/01 10:17 p.m., 9 views

CVE-2025-66400

Summary: mdast-util-to-hast (an MD to HAST utility) is affected in versions from 13.0.0 up to, but not including, 13.2.1. The issue arises when character references are used to inject unprefixed classnames in Markdown sources, which can cause rendered user-supplied code elements to appear as part of the page. The p...

CVSS 6.9, AI score 6.6, EPSS 0.00086
Exploits 0, References 3, Affected Software 1
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2025-17579

Malicious code in bioql PyPI...

CVSS 7.5, AI score 4.7, EPSS 0.00635
Exploits 1, References 5
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-29603

Malicious code in bioql PyPI...

CVSS 9.6, AI score 7, EPSS 0.00587
Exploits 0, References 3
Cvelist
added 2025/07/23 8:38 p.m., 13 views

CVE-2025-32019 Harbor's repository description page allows for XSS

Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed ...

CVSS 4.1, EPSS 0.0016
Exploits 0, References 4
RedhatCVE
added 2025/06/11 9:8 p.m., 2 views

CVE-2025-5897

A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression...

CVSS 7.5, AI score 4.5, EPSS 0.00635
Exploits 1, References 1
NVD
added 2025/06/09 9:15 p.m., 6 views

CVE-2025-5897

A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression...

CVSS 7.5, EPSS 0.00635
Exploits 1, References 4
CVE
added 2025/06/09 9:0 p.m., 54 views

CVE-2025-5897

CVE-2025-5897 affects the Vue CLI (vue-cli) up to version 5.0.8, specifically the HtmlPwaPlugin.js in the Markdown Code Handler. The issue is an inefficient regular expression handling that can enable a Regular Expression Denial of Service (ReDoS) scenario and may be triggered remotely. Multiple ...

CVSS 7.5, AI score 4.8, EPSS 0.00635
Exploits 1, References 4, Affected Software 1
Cvelist
added 2025/06/09 9:0 p.m., 12 views

CVE-2025-5897 vuejs vue-cli Markdown Code HtmlPwaPlugin.js HtmlPwaPlugin redos

A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression...

CVSS 5.3, EPSS 0.00635
Exploits 1, References 4