pkg:npm/postcss
4 total CVEsMEDIUM4
✅ Check your installed version
All known vulnerabilities
MEDIUM6.1CVE-2026-41305PostCSS has XSS via Unescaped </style> in its CSS Stringify Output from 0, < 8.5.10
from 0, < 8.4.31
MEDIUM5.3CVE-2021-23382Regular Expression Denial of Service in postcss >= 8.0.0, < 8.2.13
MEDIUM5.3CVE-2021-23368Regular Expression Denial of Service in postcss >= 7.0.0, < 7.0.36