sveltejs Cyber Security Vulnerability Stats and Metrics

Svelte Framework Redirect Vulnerability in SvelteKit

CVE-2026-40074

SveltejsKit6.3MEDIUM

Body Size Limit Bypass in SvelteKit Framework by Svelte

CVE-2026-40073

SveltejsKit8.2HIGH

Prototype Pollution Vulnerability in Svelte Devalue JavaScript Library

CVE-2026-30226

SveltejsDevalue6.3MEDIUM

HTML Injection Vulnerability in Svelte Web Framework

CVE-2026-27902

SveltejsSvelte5.3MEDIUM

HTML Injection and XSS in Svelte Framework Prior to Version 5.53.5

CVE-2026-27901

SveltejsSvelte5.3MEDIUM

Svelte Web Framework Vulnerability in Server-Side Rendering

CVE-2026-27125

SveltejsSvelte5.3MEDIUM

HTML Injection Vulnerability in Svelte Framework by Svelte

CVE-2026-27122

SveltejsSvelte5.1MEDIUM

Cross-Site Scripting in Svelte Framework Affects User-Driven Attributes

CVE-2026-27121

SveltejsSvelte5.1MEDIUM

HTML Injection Vulnerability in Svelte Framework by SvelteJS

CVE-2026-27119

SveltejsSvelte5.1MEDIUM

Cache Poisoning Vulnerability in SvelteKit by Vercel

CVE-2026-27118

SveltejsKit5.3MEDIUM

Denial of Service Vulnerability in Svelte devalue JavaScript Library

CVE-2026-22775

SveltejsDevalue7.5HIGH

Denial of Service Vulnerability in Svelte JavaScript Library

CVE-2026-22774

SveltejsDevalue7.5HIGH

Memory Exhaustion Vulnerability in SvelteKit by Svelte

CVE-2026-22803

SveltejsKit8.2HIGH

Server Side Request Forgery Vulnerability in SvelteKit Framework

CVE-2025-67647

SveltejsKit8.4HIGH

Prototype Pollution in Svelte's Devalue Utility Library

CVE-2025-57820

SveltejsDevalue7.9HIGH

XSS Vulnerability in SvelteKit Framework Affects Web Application Development

CVE-2025-32388

SveltejsKit5.4MEDIUM

Svelte Addresses mXSS Vulnerability Affecting Server-Side Rendering

CVE-2024-45047

SveltejsSvelte6.1MEDIUM

Sending a GET or HEAD request with a body crashes SvelteKit

CVE-2024-23641

sveltejskit7.5HIGH

SvelteKit framework has Insufficient CSRF protection for CORS requests

CVE-2023-29008

SveltejsKit8.8HIGH

SvelteKit has Insufficient Cross-Site Request Forgery Protection

CVE-2023-29003

SveltejsKit8.8HIGH

sveltejs Summary

Vulnerability Published:

Sort By:

10 April 2026

Svelte Framework Redirect Vulnerability in SvelteKit

Body Size Limit Bypass in SvelteKit Framework by Svelte

11 March 2026

Prototype Pollution Vulnerability in Svelte Devalue JavaScript Library

26 February 2026

HTML Injection Vulnerability in Svelte Web Framework

HTML Injection and XSS in Svelte Framework Prior to Version 5.53.5

20 February 2026

Svelte Web Framework Vulnerability in Server-Side Rendering

HTML Injection Vulnerability in Svelte Framework by Svelte

Cross-Site Scripting in Svelte Framework Affects User-Driven Attributes

HTML Injection Vulnerability in Svelte Framework by SvelteJS

Cache Poisoning Vulnerability in SvelteKit by Vercel

15 January 2026

Denial of Service Vulnerability in Svelte devalue JavaScript Library

Denial of Service Vulnerability in Svelte JavaScript Library

Memory Exhaustion Vulnerability in SvelteKit by Svelte

Server Side Request Forgery Vulnerability in SvelteKit Framework

26 August 2025

Prototype Pollution in Svelte's Devalue Utility Library

15 April 2025

XSS Vulnerability in SvelteKit Framework Affects Web Application Development

30 August 2024

Svelte Addresses mXSS Vulnerability Affecting Server-Side Rendering

24 January 2024

Sending a GET or HEAD request with a body crashes SvelteKit

6 April 2023

SvelteKit framework has Insufficient CSRF protection for CORS requests

4 April 2023

SvelteKit has Insufficient Cross-Site Request Forgery Protection