Vulnerabilities in handlebars-lang
6 resultsCVE-2026-33937CRITICALHandlebars.js has JavaScript Injection via AST Type ConfusionEPSS 1.3%CVE-2026-33940HIGHHandlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partialEPSS 0.6%CVE-2026-33938HIGHHandlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-blockEPSS 0.6%CVE-2026-33939HIGHHandlebars.js has Denial of Service via Malformed Decorator Syntax in Template CompilationEPSS 0.5%CVE-2026-33941HIGHHandlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and OptionsEPSS 0.3%CVE-2026-33916MEDIUMHandlebars.js has Prototype Pollution Leading to XSS through Partial Template InjectionEPSS 0.2%