68 matches found
GHSA-48M6-CH88-55MJ
creationtimestamp| type| source ---|---|--- 2026-04-23 21:26:31+00:00| seen| Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNPPw...
CVE-2025-23885
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anildhiman MJ Contact us mj-contact-us allows Reflected XSS.This issue affects MJ Contact us: from n/a through = 5.2.3...
CVE-2025-67898
MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...
MJML allows mj-include directory traversal due to an incomplete fix for CVE-2020-12827
MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...
CVE-2025-67898
CVE-2025-67898 affects MJML up to version 4.18.0, where the mj-include directive allows directory traversal to test file existence and, in type="css" cases, read files. The issue arises from an incomplete fix related to CVE-2020-12827. Several connected sources corroborate the exact behavior (dir...
CVE-2025-67898
MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...
Mailjet MJML 安全漏洞
Mailjet MJML is a responsive email framework from the French company Mailjet. A security vulnerability exists in Mailjet MJML version 4.18.0 and earlier, which stems from mj-include allowing directory traversal, which could lead to testing for file existence and reading files...
EUVD-2025-34659
Malicious code in debug-mj-v3 npm...
EUVD-2025-34660
Malicious code in debug-mj npm...
Malicious Package
Overview debug-mj is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview debug-mj-v3 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
MAL-2025-48429 Malicious code in debug-mj (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f60289f1a0f9296cf8aa9ed744c256c0963a95dc751ff52a708d2676d14825a Any computer that has this package installed or running should be considered...
MAL-2025-48430 Malicious code in debug-mj-v3 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74c0451e3b813ae12fff8e9f76bd4570a074a6bda1a7391e28f789182a6cb0e6 Any computer that has this package installed or running should be considered...
Malicious code in debug-mj-v3 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74c0451e3b813ae12fff8e9f76bd4570a074a6bda1a7391e28f789182a6cb0e6 Any computer that has this package installed or running should be considered...
EUVD-2022-2384
Malicious code in bioql PyPI...
EUVD-2024-35430
Malicious code in bioql PyPI...
EUVD-2024-30345
Malicious code in bioql PyPI...
EUVD-2025-3503
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-_mj (npm)
The package @zalastax/nolb-mj was found to contain malicious code...
MAL-2025-10227 Malicious code in @zalastax/nolb-_mj (npm)
The package @zalastax/nolb-mj was found to contain malicious code...