VYPR

Babel

by Babel

Source repositories

CVEs (6)

  • CVE-2026-44728HigMay 26, 2026
    risk 0.46cvss 8.2epss 0.00

    Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed…

  • CVE-2025-27789MedMar 11, 2025
    risk 0.33cvss 6.2epss 0.00

    Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the `.replace` method that has quadratic complexity on some…

  • CVE-2019-1010290Jul 16, 2019
    risk 0.02cvss epss 0.04

    Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is supplied to redirect.php in a "newurl" parameter. The component is: redirect.php. The attack vector is: The victim must open a link created by an attacker.…

  • CVE-2026-49356lowJun 15, 2026
    risk 0.00cvss epss 0.00

    ## Impact Using `@babel/core` to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are _all_ true: - the attacker controls the input source code - the attacker can read the output source code…

  • CVE-2024-8095May 15, 2025
    risk 0.00cvss epss 0.00

    The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.

  • CVE-2023-45133Oct 12, 2023
    risk 0.00cvss epss 0.01

    Babel is a compiler for writingJavaScript. In `@babel/traverse` prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of `babel-traverse`, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when…