Package impact
npm / @marko/runtime-tags
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41591 | medium | 6.4 | 6.4 | 26d ago | Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping |
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41591 | medium | 6.4 | 6.4 | 26d ago | Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping |