pkg:npm/unhead

3 total CVEsMEDIUM1

✅ Check your installed version

All known vulnerabilities

  • MEDIUM6.1CVE-2026-39315Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe()
    from 0, < 2.1.13
  • NONE0.0CVE-2026-31873Unhead Vulnerable to Bypass of URI Scheme Sanitization in makeTagSafe via Case-Sensitivity
    from 0, < 2.1.11
  • CVE-2026-31860Unhead has XSS bypass in `useHeadSafe` via attribute name injection and case-sensitive protocol check
    from 0, < 2.1.11