CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MAL-2025-45578 Malicious code in postcss-sedna-perturbation-cordelia (npm)

The package postcss-sedna-perturbation-cordelia was found to contain malicious code...

MAL-2025-45579 Malicious code in postgres-futurology-standard-postcss (npm)

The package postgres-futurology-standard-postcss was found to contain malicious code...

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•2 views

Malicious code in supervisor-geochemistry-postcss-deimos (npm)

The package supervisor-geochemistry-postcss-deimos was found to contain malicious code...

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•2 views

Malicious code in futurology-postcss-loader-vulcan-genomics (npm)

The package futurology-postcss-loader-vulcan-genomics was found to contain malicious code...

OSV•added 2025/09/05 5:10 p.m.•0 views

MAL-2025-45540 Malicious code in perseus-changelog-await-postcss (npm)

The package perseus-changelog-await-postcss was found to contain malicious code...

MAL-2025-44122 Malicious code in electron-postcss-io-dynamo (npm)

The package electron-postcss-io-dynamo was found to contain malicious code...

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•2 views

Malicious code in electron-postcss-io-dynamo (npm)

The package electron-postcss-io-dynamo was found to contain malicious code...

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•2 views

Malicious code in iota-terser-webpack-plugin-hermes-postcss (npm)

The package iota-terser-webpack-plugin-hermes-postcss was found to contain malicious code...

MAL-2025-45552 Malicious code in phylogenetics-adonis-postcss-loader-frontend (npm)

The package phylogenetics-adonis-postcss-loader-frontend was found to contain malicious code...

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•2 views

Malicious code in astro-postcss-loader-grunt-selenium (npm)

The package astro-postcss-loader-grunt-selenium was found to contain malicious code...

OSSF Malicious Packages•added 2025/09/05 5:10 p.m.•3 views

Malicious code in postgres-futurology-standard-postcss (npm)

The package postgres-futurology-standard-postcss was found to contain malicious code...

OSV•added 2025/09/05 5:10 p.m.•2 views

MAL-2025-45996 Malicious code in semantic-ui-selenium-test-postcss (npm)

The package semantic-ui-selenium-test-postcss was found to contain malicious code...

Microsoft CVE•added 2025/09/03 9:32 p.m.•2 views

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.

...

5.3CVSS7AI score0.00166EPSS

Tenable Nessus•added 2025/08/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2021-23382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. T...

7.5CVSS6.7AI score0.00074EPSS

Exploits1References2

Tenable Nessus•added 2025/08/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2021-23368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing. CVE-2021-23368 Note tha...

5.3CVSS6.5AI score0.01009EPSS

Exploits1References2

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in quantumfoam-nconf-postcss-acamar (npm)

The package quantumfoam-nconf-postcss-acamar was found to contain malicious code...

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•1 views

Malicious code in kinetic-mui-fornax-postcss (npm)

The package kinetic-mui-fornax-postcss was found to contain malicious code...