Every CVE whose affected-product data names Parceljs Parcel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-14731 — CVSS 7.5 (high): An issue was discovered in HMRServer.js in Parcel parcel-bundler. Attackers are able to steal developer's code because the origin of…
CVE-2025-56648 — CVSS 6.5 (medium): npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the…