Lucene search
K

665 matches found

Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.7 views

PT-2026-3410

Summary Since 2017, the default webpack plugins have passed the entire process.env to EnvironmentPlugin. This pattern exposed ALL build environment variables to client-side JavaScript bundles whenever application code or any dependency referenced process.env.VARIABLE NAME. This is not a regressio...

7.5CVSS7.1AI score
Exploits0References5
EUVD
EUVD
added 2025/11/24 4:19 p.m.7 views

EUVD-2025-198960

Malicious code in @tezign/html-webpack-plugin npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/24 4:19 p.m.6 views

MAL-2025-190916 Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 4:19 p.m.7 views

Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

7AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176606

Malicious code in rollup-plugin-chai-soap-terser-webpack-plugin npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179458

Malicious code in css-minimizer-webpack-plugin-superagent-npm-private npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179772

Malicious code in changelog-gridsome-perseus-css-minimizer-webpack-plugin npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179476

Malicious code in csrf-bootes-html-webpack-plugin-ichnology npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178503

Malicious code in html-webpack-plugin-version-vulcan-rollup npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-177433

Malicious code in optimize-css-assets-webpack-plugin-pm2-lyra-miranda npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177618

Malicious code in nextjs-html-webpack-plugin-express-gemini npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187378 Malicious code in html-webpack-plugin-vega-atlas-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fd14fbfa7df3518df196ac7331d4c07644a19e457f73f31be91ee9ab01ce42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-188465 Malicious code in orbit-html-webpack-plugin-xml-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08fb8c907f7e235373242f869cd54f573229f75943e3b713df6ab822fa2142e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189875 Malicious code in terser-webpack-plugin-nestjs-umbriel-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce5383d1d73e04c37c0a2d6b250a999810d40f5479e51250c1e31ccd8bde1485 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-188264 Malicious code in nextjs-html-webpack-plugin-express-gemini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3221eb423eac0b572d326e1984f49231a18c9d5791b59c0f4a62fa33add06e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177910

Malicious code in meissa-optimize-css-assets-webpack-plugin-express-lint-staged npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178745

Malicious code in gemini-gravity-xanadu-css-minimizer-webpack-plugin npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179393

Malicious code in darkmatter-pegasus-optimize-css-assets-webpack-plugin-andromeda npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179457

Malicious code in css-minimizer-webpack-plugin-virtualreality-ignite-node-sass npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in bunyan-redis-capella-html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56b9ec0c5fa82205dee259b73ad694a1c72663bb5a0d4d0e23c5bbbfbe461f40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder