sveltejs Summary

Latest vulnerabilities published by sveltejs

JSON RSS CSV 🔔 Create Alert Trigger

15 January 2026

Denial of Service Vulnerability in Svelte devalue JavaScript Library
CVE-2026-22775
SveltejsDevalue7.5HIGH
Denial of Service Vulnerability in Svelte JavaScript Library
CVE-2026-22774
SveltejsDevalue7.5HIGH
Memory Exhaustion Vulnerability in SvelteKit by Svelte
CVE-2026-22803
SveltejsKit8.2HIGH
Server Side Request Forgery Vulnerability in SvelteKit Framework
CVE-2025-67647
SveltejsKit8.4HIGH

26 August 2025

Prototype Pollution in Svelte's Devalue Utility Library
CVE-2025-57820
SveltejsDevalue7.9HIGH

15 April 2025

XSS Vulnerability in SvelteKit Framework Affects Web Application Development
CVE-2025-32388
SveltejsKit5.4MEDIUM

30 August 2024

Svelte Addresses mXSS Vulnerability Affecting Server-Side Rendering
CVE-2024-45047
SveltejsSvelte6.1MEDIUM

24 January 2024

Sending a GET or HEAD request with a body crashes SvelteKit
CVE-2024-23641
sveltejskit7.5HIGH

6 April 2023

SvelteKit framework has Insufficient CSRF protection for CORS requests
CVE-2023-29008
SveltejsKit8.8HIGH

4 April 2023

SvelteKit has Insufficient Cross-Site Request Forgery Protection
CVE-2023-29003
SveltejsKit8.8HIGH