586 matches found
ROOT-APP-NPM-GHSA-76MC-F452-CXCM GHSA-76mc-f452-cxcm in @rootio/dompurify - Patched by Root
Root has patched GHSA-76mc-f452-cxcm in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-CJMM-F4JC-QW8R GHSA-cjmm-f4jc-qw8r in @rootio/dompurify - Patched by Root
Root has patched GHSA-cjmm-f4jc-qw8r in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-41239 CVE-2026-41239 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-41239 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-CJ63-JHHR-WCXV GHSA-cj63-jhhr-wcxv in @rootio/dompurify - Patched by Root
Root has patched GHSA-cj63-jhhr-wcxv in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-H8R8-WCCR-V5F2 GHSA-h8r8-wccr-v5f2 in @rootio/dompurify - Patched by Root
Root has patched GHSA-h8r8-wccr-v5f2 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-49458 CVE-2026-49458 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-49458 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-39Q2-94RC-95CP GHSA-39q2-94rc-95cp in @rootio/dompurify - Patched by Root
Root has patched GHSA-39q2-94rc-95cp in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-0540 CVE-2026-0540 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-0540 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-49459 CVE-2026-49459 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-49459 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-15599 CVE-2025-15599 in @rootio/dompurify - Patched by Root
Root has patched CVE-2025-15599 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-49978 CVE-2026-49978 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-49978 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-41238 CVE-2026-41238 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-41238 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-41240 CVE-2026-41240 in @rootio/dompurify - Patched by Root
Root has patched CVE-2026-41240 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-26791 CVE-2025-26791 in @rootio/dompurify - Patched by Root
Root has patched CVE-2025-26791 in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2026-47423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. In 3.4.4, DOMPurify allowed selectedcontent by default, allowing browsers to...
Linux Distros Unpatched Vulnerability : CVE-2026-49458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Prior to 3.4.6, DOMPurify.sanitizenode, INPLACE: true accepted same-origin...
Linux Distros Unpatched Vulnerability : CVE-2026-49978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Prior to 3.4.7, DOMPurify INPLACE sanitization could skip shadow contents...
Linux Distros Unpatched Vulnerability : CVE-2026-49459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Prior to 3.4.6, DOMPurify.sanitizeroot, INPLACE: true could preserve...
CVE-2026-49978
A flaw was found in DOMPurify, a tool designed to sanitize HTML, MathML, and SVG to prevent cross-site scripting XSS attacks. When performing in-place sanitization, DOMPurify could fail to properly process content within shadow DOM elements attached to a .content. This oversight allows an attacke...
CVE-2026-49459
A flaw was found in DOMPurify, a library designed to sanitize HTML, MathML, and SVG to prevent cross-site scripting XSS attacks. A remote attacker could exploit a vulnerability in the DOMPurify.sanitize function when used with the INPLACE: true option. This flaw allows an attacker to bypass the...