MEDIUM 5.3 npm
GHSA-4v9v-hfq4-rm2v · CVE-2025-30359 webpack-dev-server users' source code may be stolen when they access a malicious web site
Modified: 2/4/2026
package
npm / webpack-dev-server
pkg:npm/webpack-dev-server
MEDIUM 5.3 npm
GHSA-79cf-xcqc-c78w · CVE-2026-6402 webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins
Modified: 5/18/2026
MEDIUM 6.5 npm
GHSA-9jgg-88mc-972h · CVE-2025-30360 webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser
Modified: 2/4/2026
HIGH 7.5 npm
GHSA-cf66-xwfp-gvc4 · CVE-2018-14732 Missing Origin Validation in webpack-dev-server
Modified: 11/8/2023
MEDIUM 5.3 npm
GHSA-mx8g-39q3-5c79 · CVE-2026-9595 webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies
Modified: 6/17/2026