21 Total advisories
21 Vulnerabilities
0 Malware
Vulnerabilities
HIGH 7.5
CVE-2026-33939
Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation
HIGH 8.2
CVE-2026-33941
Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options
HIGH 8.1
CVE-2026-33940
Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial
HIGH 8.1
CVE-2026-33938
Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block
CRITICAL 9.8
CVE-2026-33937
Handlebars.js has JavaScript Injection via AST Type Confusion
LOW 3.7
GHSA-442j-39wm-28r2
Handlebars.js has a Property Access Validation Bypass in container.lookup
MEDIUM 4.8
GHSA-7rx3-28cr-v5wh
Handlebars.js has a Prototype Method Access Control Gap via Missing __lookupSetter__ Blocklist Entry
MEDIUM 4.7
CVE-2026-33916
Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection
HIGH 7.5
CVE-2019-20922
Regular Expression Denial of Service in Handlebars
HIGH 8.1
CVE-2019-20920
Arbitrary Code Execution in Handlebars
UNKNOWN
GHSA-g9r4-xpmj-mj65
Prototype Pollution in handlebars
HIGH 7.3
GHSA-2cf5-4w76-r9qv
Arbitrary Code Execution in handlebars
HIGH 7.3
GHSA-q42p-pg8m-cqh6
Prototype Pollution in handlebars
UNKNOWN
GHSA-q2c6-c6pm-g3gh
Arbitrary Code Execution in handlebars
MEDIUM 6.1
CVE-2015-8861
Cross-Site Scripting in handlebars
CRITICAL 9.8
CVE-2019-19919
Prototype Pollution in handlebars
CRITICAL 9.8
CVE-2021-23369
Remote code execution in handlebars when compiling templates
CRITICAL 9.8
CVE-2021-23383
Prototype Pollution in handlebars
UNKNOWN
GHSA-f52g-6jhx-586p
Denial of Service in handlebars
UNKNOWN
GHSA-fmr4-7g9q-7hc7
Moderate severity vulnerability that affects handlebars
UNKNOWN
GHSA-6r5x-hmgg-7h53
Remote code execution in Handlebars.js
Ready to move
Start Securing
Free, no credit card | First findings in minutes