CVE-2026-33940HighCVSS 8.1

Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial

Published
May 31, 2026
Last Modified

🔗 CVE IDs covered (1)