Package impact
npm / @nuxt/webpack-builder
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45670 | medium | — | 5.5 | 10d ago | Nuxt: Dev server exposes built source over LAN to malicious sites (incomplete fix for GHSA-4gf7-ff8x-hq99) | |||
| CVE-2025-24361 | unknown | — | — | 1y ago | Opening a malicious website while running a Nuxt dev server could allow read-only access to code |