CVE-2026-49458
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
6.1 / 10
Vulnerability Description
DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
dompurify
Discussion (0)
Add Comment
No comments yet. Be the first!