CVE-2026-22028
CVE-2026-22028 affects Preact where a regression in 10.26.5 weakened JSON serialization protection, allowing JSON payloads to be mis-parsed as valid VNodes and potentially leading to HTML injection and script execution if CSP or other mitigations are not in place. Affected versions include 10.26....