Vulnerability Details CVE-2026-42573
Svelte is a performance oriented web framework. Prior to version 5.55.7, Svelte was vulnerable to DOM clobbering of its internal framework state on elements, potentially leading to XSS attacks. This issue has been patched in version 5.55.7.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.9%
CVSS Severity