Package impact
npm / svelte
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42573 | medium | — | 5.5 | 15d ago | Svelte Vulnerable to XSS via DOM Clobbering of Internal Framework State | |||
| CVE-2026-42567 | medium | — | 5.5 | 15d ago | Svelte: ReDoS in `<svelte:element>` Tag Validation | |||
| CVE-2026-42599 | medium | — | 5.5 | 15d ago | Svelte SSR vulnerable to cross-site scripting via spread attributes |