UNKNOWNCVE-2026-5533

badlogic pi-mono SVG Artifact SvgArtifact.ts cross site scripting

Platform

javascript

Component

pi-mono

A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

How to fix

Actualice a una versión corregida de la biblioteca pi-mono.  Consulte el repositorio del proyecto o el registro de paquetes para obtener información sobre las versiones disponibles y las instrucciones de actualización.  La falta de respuesta del proveedor indica que la actualización puede ser necesaria para mitigar el riesgo de XSS.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free