OsVault/npm/rollup

npm

rollup

19 known vulnerabilities · 0 critical · 3 high

CVE-2024-47068

DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS

Published Sep 23, 2024

CVE-2026-27606

Rollup 4 has Arbitrary File Write via Path Traversal

Published Feb 25, 2026

CVE-2020-7683HIGH

Directory traversal in rollup-plugin-server

Published Jul 29, 2020

CVE-2020-7684HIGH

Path traversal in rollup-plugin-serve

Published May 18, 2021

CVE-2020-7686HIGH

Directory traversal in rollup-plugin-server

Published Jul 29, 2020

MAL-2026-3009

Malicious code in rollup-plugin-polyfill-route (npm)

Published Apr 23, 2026

MAL-2026-1979

Malicious code in rollup-plugin-polyfill-utils (npm)

Published Mar 20, 2026

MAL-2022-688

Malicious code in @ucs-private/rollup-plugin-dts-bundle (npm)

Published Jul 22, 2022

MAL-2026-976

Malicious code in rollup-plugin-polyfill-swc (npm)

Published Feb 20, 2026

MAL-2022-370

Malicious code in @jmfe/rollup-plugin-jss-upload (npm)

Published Jun 20, 2022

MAL-2024-11081

Malicious code in rollup-plugin-hotreload (npm)

Published Nov 27, 2024

MAL-2022-5837

Malicious code in rollup-plugin-lnode-desolve (npm)

Published Aug 19, 2022

MAL-2022-5838

Malicious code in rollup-pluginuls (npm)

Published Aug 19, 2022

MAL-2022-5839

Malicious code in rollup-pugin-babek (npm)

Published Aug 19, 2022

MAL-2022-5840

Malicious code in rollup-pulgin-comsonjs (npm)

Published Aug 19, 2022

MAL-2024-10783

Malicious code in rollup-plugin-amd-output-enhance (npm)

Published Nov 15, 2024

MAL-2025-3915

Malicious code in rollup-plugin-remove-import (npm)

Published May 16, 2025

MAL-2025-190858

Malicious code in rollup-plugin-httpfile (npm)

Published Nov 24, 2025

MAL-2026-1967

Malicious code in rollup-plugin-polyfill-build (npm)

Published Mar 20, 2026

Check your entire dependency tree at onceRun dependency scan →