Exposure of Svelte
JavaScript frameworks23
exposure score
87,930
sites use
0
exploited
0
critical
CVEs
12 resultsCVE-2022-25875MEDIUMCross-site Scripting (XSS)EPSS 1.0%CVE-2026-42567MEDIUMSvelte: ReDoS in `<svelte:element>` Tag ValidationEPSS 0.4%CVE-2026-27125MEDIUMSvelte SSR attribute spreading includes inherited properties from prototype chainEPSS 0.4%CVE-2024-45047MEDIUMPotential mXSS vulnerability due to improper HTML escaping in svelteEPSS 0.3%CVE-2025-15265MEDIUMSvelte 5.46.0 - Hydratable Key Script-Breakout XSS (SSR)EPSS 0.3%CVE-2026-27902MEDIUMSvelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration MarkersEPSS 0.2%CVE-2026-27901MEDIUMSvelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`EPSS 0.2%CVE-2026-42573MEDIUMSvelte: XSS via DOM Clobbering of Internal Framework StateEPSS 0.2%CVE-2026-27122MEDIUMSvelte SSR does not validate dynamic element tag names in `<svelte:element>`EPSS 0.2%CVE-2026-27121MEDIUMSvelte affected by cross-site scripting via spread attributes in Svelte SSREPSS 0.2%CVE-2026-27119MEDIUMSvelte affected by XSS in SSR `<option>` elementEPSS 0.2%CVE-2026-42599MEDIUMCross-site scripting via spread attributes in Svelte SSREPSS 0.2%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →