The identified library DOMPurify, version 3.3.2 is vulnerable.

**Describe the bug**
The identified library DOMPurify, version 3.3.2 is vulnerable.

CVE-2026-41239

CVE-2026-41238

CVE-2026-41240

https://github.com/cure53/DOMPurify/releases/tag/3.4.0

[GHSA-v9jr-rg53-9pgp](https://github.com/cure53/DOMPurify/security/advisories/GHSA-v9jr-rg53-9pgp)

[GHSA-39q2-94rc-95cp](https://github.com/cure53/DOMPurify/security/advisories/GHSA-39q2-94rc-95cp)

[GHSA-crv5-9vww-q3g8](https://github.com/cure53/DOMPurify/security/advisories/GHSA-crv5-9vww-q3g8)

[GHSA-h7mw-gpvr-xq4m](https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m)

**Expected behavior**
No cve's in the latest version

**Minimal reproducible OpenAPI snippet(if possible)**
N/A
**Screenshots**
If applicable, add screenshots to help explain your problem.

**Additional context**
Add any other context about the problem here.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

The identified library DOMPurify, version 3.3.2 is vulnerable. #2786

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

The identified library DOMPurify, version 3.3.2 is vulnerable. #2786

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions