CNNVD-202601-1461 Information

CNNVD ID

CNNVD-202601-1461

Related CVE

CVE-2026-22028

• CNNVD Published: 2026-01-08

Description (Chinese)

preact是Preact开源的一个Java库。 preact 10.26.5版本存在安全漏洞，该漏洞源于JSON序列化保护减弱，可能导致HTML注入。

Description (English)

Preact is a Java bank from Preact. Version 10.26.5 contains a security loophole, which stems from the weakening of the serialized protection of JSON and may lead to the injection of HTML.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Preact

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/preactjs/preact/security/advisories/GHSA-36hm-qxxp-pg3m https://access.redhat.com/security/cve/cve-2026-22028

Patch

https://preactjs.com/