OsVault/npm/markdown-it
npm

markdown-it

8 known vulnerabilities · 0 critical · 2 high

CVE-2022-21670MEDIUM

Uncontrolled Resource Consumption in markdown-it

Published Jan 12, 2022
CVE-2015-10005LOW

markdown-it vulnerable to Inefficient Regular Expression Complexity

Published Dec 27, 2022
CVE-2026-2327

markdown-it is has a Regular Expression Denial of Service (ReDoS)

Published Feb 12, 2026
CVE-2020-7773MEDIUM

Cross-site Scripting in markdown-it-highlightjs

Published Feb 10, 2022
CVE-2020-28459HIGH

markdown-it-decorate vulnerable to cross-site scripting (XSS)

Published Jul 19, 2022
MAL-2025-191176

Malicious code in @accordproject/markdown-it-cicero (npm)

Published Nov 25, 2025
CVE-2020-28455HIGH

markdown-it-toc Cross-site Scripting due to title of generated toc and contents of header not being escaped

Published Jul 26, 2022
MAL-2024-1257

Malicious code in discourse-markdown-it (npm)

Published Apr 15, 2024
Check your entire dependency tree at onceRun dependency scan →