Ckeditor5
This hub aggregates every CVE we track for Ckeditor5, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM7
Monthly trend
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Ckeditor5.
- CVE-2026-28343CKEditor: Cross-site scripting (XSS) in the HTML Support package6.4
- CVE-2025-61261A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payl...5.4
- CVE-2024-45613CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package6.1
- CVE-2022-48110CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget. NOTE: the vendor's position is that this is not a vulnerabili...6.1
- CVE-2022-31175Cross-site scripting caused by the editor instance destroying process in ckeditor55.8
- CVE-2021-21391Regular expression Denial of Service in multiple packages6.5
- CVE-2021-21254Regular expression Denial of Service in Markdown plugin6.5
Product normalization is registry-driven with AI assist and human review. How it works