vuejs CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

vuejs vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to vuejs, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-5897 A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. [email protected] 5.3 0.50% 2025-06-09 2026-06-17
CVE-2023-5718 The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard `postMessage()` API. By creating a malicious web page with an iFrame targeting a sensitive resource (i.e. a locally accessible file or sensitive website), and registering a listener on the web page, the extension sent messages back to the listener, containing the base64 encoded screenshot data of the sensitive resource. [email protected] 4.3 0.25% 2023-10-23 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence