Known Vulnerabilities for products from Svelte
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Svelte".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40074 json | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, ... | Not Provided | 2026-04-10 | 2026-04-15 |
| CVE-2026-40073 json | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, under cert... | Not Provided | 2026-04-10 | 2026-04-15 |
| CVE-2026-35218 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-6216 json | Not Provided | 2026-04-13 | 2026-04-14 | |
| CVE-2024-23641 json | 7.5 - HIGH | 2024-01-24 | 2024-02-05 | |
| CVE-2023-29008 json | The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a `+server.js` file,... | 8.8 - HIGH | 2023-04-06 | 2023-11-07 |
| CVE-2023-29003 json | SvelteKit is a web development framework. The SvelteKit framework offers developers an option to create simple REST APIs. Thi... | 8.8 - HIGH | 2023-04-04 | 2023-11-07 |
| CVE-2022-25875 json | The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to impro... | 6.1 - MEDIUM | 2022-07-12 | 2022-07-19 |
| CVE-2021-29261 json | The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafte... | 7.8 - HIGH | 2021-04-05 | 2021-04-08 |