Vulnerabilidades em i18next
8 resultadosCVE-2026-48714CRITICALi18next-http-middleware missingKeyHandler does not reject keys whose segments contain prototype-polluting namesEPSS 0.4%CVE-2026-48713CRITICALi18next-fs-backend: Prototype pollution via crafted missing-key stringEPSS 0.4%CVE-2026-42353HIGHPath traversal / SSRF in i18next-http-middleware via user-controlled language and namespace parametersEPSS 0.4%CVE-2026-41683HIGHHTTP response splitting and DoS in i18next-http-middleware via unsanitised Content-Language headerEPSS 0.3%CVE-2026-41690HIGHPrototype pollution and path traversal in i18next-http-middleware via user-controlled language and namespace parametersEPSS 0.3%CVE-2026-41693HIGHi18next-fs-backend: Path traversal via unsanitised lng/ns allows arbitrary file read/overwriteEPSS 0.3%CVE-2026-41691MEDIUMi18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/nsEPSS 0.3%CVE-2026-41692MEDIUMi18nextify is vulnerable to DOM XSS via javascript:/data: URL schemes in translated href/src attributesEPSS 0.1%