@_sh/strapi-plugin-ckeditor (>=7.0.0 <=7.1.0), @ckeditor/ckeditor5-adapter-ckfinder (>=47.0.0 <=47.6.0-alpha.9) +94 more potentially affected by CVE-2026-28343 via @ckeditor/ckeditor5-engine (>=47.0.0-alpha.0 <=47.6.0-alpha.9)

@ckeditor/ckeditor5-engine NPM version =47.0.0-alpha.0, =7.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.0.0, =47.6.0-alpha.9 and more Source cves: CVE-2026-28343 Source advisory: SNYK:JS-CKEDITORCKEDITOR5ENGINE-15426...

Linux Distros Unpatched Vulnerability : CVE-2021-21391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list,...