Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	next>=15.0.0-rc.0 <15.0.6>=15.1.0 <15.1.10>=15.2.0-canary.0 <15.2.7>=15.3.0-canary.0 <15.3.7>=15.4.0-canary.0 <15.4.9>=15.5.0 <15.5.8>=16.0.0-beta.0 <16.0.9>=16.1.0-canary.0 <16.1.0-canary.19	npm	12 Dec 2025
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	react-server-dom-turbopack>=19.0.0 <19.0.2>=19.1.0 <19.1.3>=19.2.0 <19.2.2	npm	12 Dec 2025
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	react-server-dom-parcel>=19.1.0 <19.1.3>=19.2.0 <19.2.2	npm	12 Dec 2025
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	react-server-dom-webpack>=19.0.0 <19.0.2>=19.1.0 <19.1.3>=19.2.0 <19.2.2	npm	12 Dec 2025
H Deserialization of Untrusted Data	next>=14.2.34 <14.2.35>=15.0.6 <15.0.7>=15.1.10 <15.1.11>=15.2.7 <15.2.8>=15.3.7 <15.3.8>=15.4.9 <15.4.10>=15.5.8 <15.5.9>=16.0.9 <16.0.10>=16.1.0-canary.0 <16.1.0-canary.19	npm	12 Dec 2025
H Deserialization of Untrusted Data	react-server-dom-turbopack>=19.0.2 <19.0.3>=19.1.3 <19.1.4>=19.2.2 <19.2.3	npm	12 Dec 2025
H Deserialization of Untrusted Data	react-server-dom-parcel>=19.1.3 <19.1.4>=19.2.2 <19.2.3	npm	12 Dec 2025
H Deserialization of Untrusted Data	react-server-dom-webpack>=19.0.2 <19.0.3>=19.1.3 <19.1.4>=19.2.2 <19.2.3	npm	12 Dec 2025
H Deserialization of Untrusted Data	next>=13.3.0 <14.2.34>=15.0.0-rc.0 <15.0.6>=15.1.0 <15.1.10>=15.2.0-canary.0 <15.2.7>=15.3.0-canary.0 <15.3.7>=15.4.0-canary.0 <15.4.9>=15.5.0 <15.5.8>=16.0.0-beta.0 <16.0.9>=16.1.0-canary.0 <16.1.0-canary.19	npm	12 Dec 2025
H Deserialization of Untrusted Data	react-server-dom-turbopack>=19.0.0 <19.0.2>=19.1.0 <19.1.3>=19.2.0 <19.2.2	npm	12 Dec 2025
H Deserialization of Untrusted Data	react-server-dom-parcel>=19.1.0 <19.1.3>=19.2.0 <19.2.2	npm	12 Dec 2025
H Deserialization of Untrusted Data	react-server-dom-webpack>=19.0.0 <19.0.2>=19.1.0 <19.1.3>=19.2.0 <19.2.2	npm	12 Dec 2025
M XML Injection	fonttools[4.33.0,4.61.0)	pip	12 Dec 2025
C Malicious Package	cms_comp_static*	npm	12 Dec 2025
C Malicious Package	pluxee-design-system*	npm	12 Dec 2025
M Cross-site Scripting (XSS)	nicegui[,3.4.0)	pip	12 Dec 2025
C Malicious Package	uba-plugins*	npm	12 Dec 2025
C Malicious Package	wds-icons*	npm	12 Dec 2025
C Malicious Package	cos-js-sdk-v6*	npm	12 Dec 2025
C Malicious Package	kashif-mallah-fca*	npm	12 Dec 2025
C Malicious Package	hl-naduccio*	npm	12 Dec 2025
C Malicious Package	camscanner-seo*	npm	12 Dec 2025
C Malicious Package	abrhide*	npm	12 Dec 2025
C Malicious Package	eslint-config-zoo*	npm	12 Dec 2025
C Malicious Package	sdbao-content-sems*	npm	12 Dec 2025
C Malicious Package	sd-pay*	npm	12 Dec 2025
C Malicious Package	shopify-monorail*	npm	12 Dec 2025
C Malicious Package	iraza2-fca*	npm	12 Dec 2025
C Malicious Package	cms_comp*	npm	12 Dec 2025
C Malicious Package	sd-pay-ts*	npm	12 Dec 2025

APPLICATION

OPERATING SYSTEM