CVE-2026-43897
Published
CVSS v3
N/A
CVSS v2
N/A
Affected
1
PROJECT
Description
Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1.
⛓ Extract web links information: title, description, images, videos, etc. [via OpenGraph], runs on mobiles and node.
GitHub