CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/08/14 6:52 p.m.•2 views

MAL-2025-22753 Malicious code in html-webpack-plugin-panspermia-local-tachyon (npm)

The package html-webpack-plugin-panspermia-local-tachyon was found to contain malicious code...

7.2AI score

OSV•added 2025/02/03 5:25 p.m.•3 views

MAL-2025-1038 Malicious code in html-webpack-plugin-v4 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 660341362f6329de70cdccedcc76ff3841c456fce84ac128ed9db104838ca1af Any computer that has this package installed or running should be considered...

OSV•added 2025/02/03 5:25 p.m.•2 views

MAL-2025-1039 Malicious code in html-webpack-plugin-v5 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ed88e44f9e2966208907dcc8fd1b170e683aa017e8a706289a5bd2134e60f37 Any computer that has this package installed or running should be considered...

OSSF Malicious Packages•added 2025/02/03 5:25 p.m.•2 views

Malicious code in html-webpack-plugin-v4 (npm)

6.8AI score

OSSF Malicious Packages•added 2025/02/03 5:25 p.m.•2 views

Malicious code in html-webpack-plugin-v5 (npm)

6.8AI score

OSSF Malicious Packages•added 2025/01/21 7:47 a.m.•3 views

Malicious code in webpack-inline-constant-exports-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb8ae870fad74826ac57af33f27bdbe9e74f667ec62aac01b5c9e55a47d36001 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/01/21 7:47 a.m.•2 views

Malicious code in webpack-extensive-lodash-replacement-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 845800d2390e86cf58dcd05fd029a2ff2a064fef8ec1bc60b2ad041467db4fdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/12/09 3:12 a.m.•1 views

Malicious code in nodes-polyfill-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=-...

OSV•added 2024/12/09 3:12 a.m.•2 views

MAL-2024-11408 Malicious code in nodes-polyfill-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

CNNVD•added 2023/08/21 12:0 a.m.•2 views

Critters 跨站脚本漏洞

Critters is a GoogleChromeLabs open source Webpack plugin . Used to inline critical CSS and delay loading the rest. A security vulnerability exists in Critters versions 0.0.17-0.0.19. An attacker exploited the vulnerability to perform cross-site scripting attacks...

6.1CVSS6AI score0.00224EPSS

Exploits0References2

Snyk•added 2023/01/29 3:29 p.m.•1 views

Malicious Package

Overview copy-webpack-plugin-v6 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score

OSSF Malicious Packages•added 2022/08/19 3:55 a.m.•2 views

Malicious code in ug-lifjjs-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e581f845ff82ba5bc69671074334830a97a5a7b9a97f2e322f8fea230e11681 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2022/08/19 3:55 a.m.•4 views

MAL-2022-6741 Malicious code in ug-lifjjs-webpack-plugin (npm)

OSV•added 2022/08/19 3:55 a.m.•9 views

MAL-2022-5475 Malicious code in progressbr-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43615dd79938c73f8d450d54000bb3168c08f0f78d1110e17e53fb4933ee0c3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2022/08/19 3:55 a.m.•4 views

Malicious code in fork-ts-checker-webpack-lugin-alt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aab6c3138834084628633efb364c3a3cca38b47891a4b52a61499b82b25f6a20 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2022/06/20 8:15 p.m.•4 views

MAL-2022-6079 Malicious code in shared-library-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc75dde7f09ece6b14dd7e91131013f1af31223f238d015382c497ea79107ccc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2022/06/20 8:15 p.m.•2 views

Malicious code in shared-library-webpack-plugin (npm)

OSSF Malicious Packages•added 2022/06/20 8:12 p.m.•2 views

Malicious code in deps-json-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f503791c8f572fb50134eb9d7bb40c61cc0a42fdb6c4e9a389396c1b072f25e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2022/06/20 8:12 p.m.•3 views

MAL-2022-2444 Malicious code in deps-json-webpack-plugin (npm)