npm package
preact
pkg:npm/preact
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22028 | — | >= 10.26.5, < 10.26.10 | 10.26.10 | Jan 8, 2026 | Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON paylo |
- CVE-2026-22028Jan 8, 2026affected >= 10.26.5, < 10.26.10fixed 10.26.10
Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON paylo