npm/markdown-it — 4 CVEs

HIGH7.5CVE-2015-10005markdown-it vulnerable to Inefficient Regular Expression Complexity

from 0, < 3.0.0

MEDIUM5.3CVE-2026-48988markdown-it: Quadratic complexity DoS in smartquotes rule via replaceAt string operations

from 0, < 14.2.0

MEDIUM5.3CVE-2026-2327markdown-it is has a Regular Expression Denial of Service (ReDoS)

>= 13.0.0, < 14.1.1

MEDIUM5.3Uncontrolled Resource Consumption in markdown-it

from 0, < 12.3.2

pkg:npm/markdown-it