All 4 CVE vulnerabilities found in webpack-dev-server, with AI-generated Chinese analysis, references, and POCs.
Vendor: webpack
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-9595 | webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies CWE-346 | 5.3 | Medium | 2026-06-15 |
| CVE-2026-6402 | webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins CWE-749 | 5.3 | Medium | 2026-05-12 |
| CVE-2025-30360 | webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser CWE-346 | 6.5 | Medium | 2025-06-03 |
| CVE-2025-30359 | webpack-dev-server users' source code may be stolen when they access a malicious web site CWE-749 | 5.3 | Medium | 2025-06-03 |
All 4 known CVE vulnerabilities affecting webpack-dev-server with full Chinese analysis, references, and POCs where available.