CVE-2025-26791
DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).
- T
Tim Bastin detected CVE-2025-26791 with a risk of 0.45
System updated the risk assessment to 0.36
System recalculated raw risk assessment
- T
Tim Bastin detected CVE-2025-26791 with a risk of 1.8
- t
timbastin (GitHub) added a comment
This is implemented already 🙂
System updated the risk assessment from 0.36 to 0.6
System recalculated raw risk assessment
System updated the risk assessment from 0.36 to 0.6
System recalculated raw risk assessment
System
System detected CVE-2025-26791 with a risk of 1.8
System
System
System
System updated the risk assessment from 1.8 to 0.6
System recalculated raw risk assessment
System updated the risk assessment from 0.6 to 1.8
System recalculated raw risk assessment
System updated the risk assessment from 0.6 to 1.8
System recalculated raw risk assessment
System fixed CVE-2025-26791
System fixed CVE-2025-26791
System fixed CVE-2025-26791
System detected CVE-2025-26791 with a risk of 0.6
System updated the risk assessment from 0.6 to 1.8
System recalculated raw risk assessment
Add a comment
Affected component
dompurify