Vulnerability in Markdown-it Linkify-it

CVE-2026-48801

linkify-it is a links recognition library with full Unicode support. Prior to 5.0.1, LinkifyIt.prototype.match, the package's primary public API, has O(N²) algorithmic complexity for inputs containing many fuzzy links or emails because the…

Vulnerability class: ReDoS (Regular Expression Denial of Service)

Affected products

Weakness classification (CWE)

References