i18next

11 known vulnerabilities · 0 critical · 0 high

Cross-Site Scripting in i18next

Published Jul 24, 2018

Cross-Site Scripting in i18next

Published Nov 9, 2018

MAL-2025-190741

Malicious code in @ensdomains/vite-plugin-i18next-loader (npm)

Published Nov 24, 2025

MAL-2024-10770

Malicious code in prettier-plugin-kimi-i18next (npm)

Published Nov 15, 2024

GHSA-5fgg-jcpf-8jjw

i18next-http-middleware: Prototype pollution and path traversal via user-controlled language and namespace parameters

Published Apr 22, 2026

GHSA-6457-mxpq-4fqq

i18nextify has DOM XSS via javascript:/data: URL schemes in translated href/src attributes

Published Apr 22, 2026

GHSA-8847-338w-5hcj

i18next-fs-backend: Path traversal via unsanitised lng/ns allows arbitrary file read/overwrite

Published Apr 22, 2026

GHSA-c3h8-g69v-pjrg

i18next-http-middleware: HTTP response splitting and DoS via unsanitised Content-Language header

Published Apr 22, 2026

GHSA-mgcp-mfp8-3q45

i18next-locize-backend has URL Injection via Unsanitized Path Parameters

Published Apr 22, 2026

GHSA-q89c-q3h5-w34g

i18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/ns

Published Apr 22, 2026

MAL-2025-47539

Malicious code in @sev-ui-verse/i18next-config (npm)

Published Sep 25, 2025

Check your entire dependency tree at onceRun dependency scan →