216.73.216.133

CVE-2026-42567

· Published 09/06/2026 17:17 · Modified 09/06/2026 19:32

Labels: CVE-2026-42567 2026-06-09CVE-2026-42567CWE-1333[email protected]

Essential information

Published
09/06/2026 17:17
Modified
09/06/2026 19:32
Author
Creator
CVSS
5.9 MEDIUM (v3) 5.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Svelte is a performance oriented web framework. From version 5.51.5 to before version 5.55.7, an internal regex in the Svelte runtime can take exponential time to test in <svelte:element this={tag}></svelte:element>. This issue has been patched in version 5.55.7.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
svelte / svelte cpe:2.3:a:svelte:svelte:5.51.5-5.55.6:*:*:*:*:*:*:*
svelte / svelte cpe:2.3:a:svelte:svelte:5.55.7:*:*:*:*:*:*:*

References