Vulnerability in Prebid Prebid.js
CVE-2025-59038
Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 may have been briefly compromised by a malware campaign. The malicious code attempts to redirect crypto transactions…
EPSS: 0.003 (24.1th percentile) — read the EPSS interpretation.
Affected products
- Prebid Prebid.js — versions = 10.9.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)