| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27902 | Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers | sveltejs | svelte | - | - | 2026-02-26 00:58:55 | Deep Dive |
| CVE-2026-27901 | Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent` | sveltejs | svelte | - | - | 2026-02-26 00:57:40 | Deep Dive |
| CVE-2026-27125 | Svelte SSR attribute spreading includes inherited properties from prototype chain | sveltejs | svelte | 中危 | - | 2026-02-20 22:29:45 | Deep Dive |
| CVE-2026-27122 | Svelte SSR does not validate dynamic element tag names in `<svelte:element>` | sveltejs | svelte | 中危 | - | 2026-02-20 22:28:38 | Deep Dive |
| CVE-2026-27121 | Svelte affected by cross-site scripting via spread attributes in Svelte SSR | sveltejs | svelte | 中危 | - | 2026-02-20 22:27:36 | Deep Dive |
| CVE-2026-27119 | Svelte affected by XSS in SSR `<option>` element | sveltejs | svelte | 中危 | - | 2026-02-20 22:25:43 | Deep Dive |
| CVE-2025-15265 | Svelte 5.46.0 - Hydratable Key Script-Breakout XSS (SSR) | Svelte | Svelte | - | - | 2026-01-15 19:59:42 | Deep Dive |
| CVE-2024-45047 | Potential mXSS vulnerability due to improper HTML escaping in svelte | sveltejs | svelte | Medium | 5.4 | 2024-08-30 16:55:39 | Deep Dive |
| CVE-2022-25875 | Cross-site Scripting (XSS) | - | svelte | Medium | 5.4 | 2022-07-12 14:20:18 | Deep Dive |