CVE-2026-25155

Published February 3rd, 2026

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. This issue has been patched in version 1.12.0.

QwikDev/qwik

Instant-loading web apps, without effort

GitHub

22K