CVE-2025-5897 – Vue.js Vue-CLI Regular Expression Complexity Vulnerability

CVE ID : CVE-2025-5897

Published : June 9, 2025, 9:15 p.m. | 1 hour, 44 minutes ago

Description : A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin-pwa/lib/HtmlPwaPlugin.js of the component Markdown Code Handler. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…