Lucene search
K

665 matches found

Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.6 views

PT-2026-3410

Summary Since 2017, the default webpack plugins have passed the entire process.env to EnvironmentPlugin. This pattern exposed ALL build environment variables to client-side JavaScript bundles whenever application code or any dependency referenced process.env.VARIABLE NAME. This is not a regressio...

7.5CVSS7.1AI score
Exploits0References5
OSV
OSV
added 2025/11/24 4:19 p.m.6 views

MAL-2025-190916 Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 4:19 p.m.7 views

Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

7AI score
Exploits0
EUVD
EUVD
added 2025/11/24 4:19 p.m.6 views

EUVD-2025-198960

Malicious code in @tezign/html-webpack-plugin npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176606

Malicious code in rollup-plugin-chai-soap-terser-webpack-plugin npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179458

Malicious code in css-minimizer-webpack-plugin-superagent-npm-private npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179772

Malicious code in changelog-gridsome-perseus-css-minimizer-webpack-plugin npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177313

Malicious code in parsec-kaus-optimize-css-assets-webpack-plugin-triton npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179476

Malicious code in csrf-bootes-html-webpack-plugin-ichnology npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178503

Malicious code in html-webpack-plugin-version-vulcan-rollup npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-177433

Malicious code in optimize-css-assets-webpack-plugin-pm2-lyra-miranda npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187372 Malicious code in html-webpack-plugin-atlas-global-lacerta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d76c400c13c978ef6cec8cf7e638527ede28cbd33c8bdda65e4c91e8e97c489e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187374 Malicious code in html-webpack-plugin-hologram-stream-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f786614246d2d9d6432c8d36c1015a7c75b9a2b3c99baa78f244a48ad6eb9f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-186406 Malicious code in csrf-bootes-html-webpack-plugin-ichnology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42e683c14d1e59c58cadcd514400f46ff49670101cb068cc2ecf1d95b413dcf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-185824 Malicious code in biomimicry-epigenetics-rimraf-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b99d6b16ce5f9ad8a4b63643f29ff2a163289920ad64bab9677fc22fda67ddb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177618

Malicious code in nextjs-html-webpack-plugin-express-gemini npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189875 Malicious code in terser-webpack-plugin-nestjs-umbriel-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce5383d1d73e04c37c0a2d6b250a999810d40f5479e51250c1e31ccd8bde1485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187937 Malicious code in markdown-relay-optimize-css-assets-webpack-plugin-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 814d9c5cb9e62fb3014607e0cc8e6b132834d0f216d57d6a055d9aba26c110d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.5 views

MAL-2025-187972 Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3eedff5af78c38d953cd8a24a97713690a208d01ffa5df7018314e5f3ba5667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder