Product
qwik
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-32701
CVE-2026-27971
CVE-2026-25155
CVE-2026-25151
CVE-2026-25150
CVE-2026-25149
CVE-2026-25148
CVE-2024-41677
CVE-2023-2307
CVE-2023-1283
CVE-2023-0410
< 1.19.2
Qwik is a performance-focused JavaScript framework. Versions prior to 1.19.2 improperly inferred arrays from dotted form field nam
< 1.19.1
Qwik is a performance focused javascript framework. qwik <=1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerabil
< 1.12.0
Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType
< 1.19.0
Qwik is a performance focused javascript framework. Prior to version 1.19.0, Qwik City’s server-side request handler inconsisten
< 1.19.0
Qwik is a performance focused javascript framework. Prior to version 1.19.0, a prototype pollution vulnerability exists in the for
< 1.19.0
Qwik is a performance focused javascript framework. Prior to version 1.19.0, an Open Redirect vulnerability in Qwik City's default
< 1.19.0
Qwik is a performance focused javascript framework. Prior to version 1.19.0, a Cross-Site Scripting vulnerability in Qwik.js' serv
< 1.7.3
Qwik is a performance focused javascript framework. A potential mutation XSS vulnerability exists in Qwik for versions up to but n
< 0.104.0
Cross-Site Request Forgery (CSRF) in GitHub repository builderio/qwik prior to 0.104.0.
< 0.21.0
Code Injection in GitHub repository builderio/qwik prior to 0.21.0.
< 0.16.2
Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5.