Components Vulnerabilities Pricing MCP API

Find vulnerabilities. Fix fast with AI.

Search components by package, version, or CVE to get started.

CVE-2026-44990 | Security Details | Sonatype Guide | Sonatype Guide

Unlock full vulnerability insights and fix guidance with Sonatype Guide.

Sign up for free

Vulnerabilities

CVE-2026-44990

CVE-2026-44990

sanitize-html - Cross-Site Scripting (XSS)

Published May 15, 2026

https://github.com/advisories/GHSA-rpr9-rxv7-x643

CVSS ScoreCritical

9.3

CVE-2026-44990 Security Details

CVE ID: CVE-2026-44990
CWE: N/A
CVE Description: sanitize-html - Cross-Site Scripting (XSS)
Published: May 15, 2026
CVSS Score & Severity: 9.3Critical
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/advisories/GHSA-rpr9-rxv7-x643THIRD_PARTY