Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-22803

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. From 2.49.0 to 2.49.4, the experimental form remote function uses a binary data format containing a representation of submitted form data. A specially-crafted payload can cause the server to allocate a large amount of memory, causing DoS via memory exhaustion. This vulnerability is fixed in 2.49.5.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.5%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-22803
  • Svelte » Kit » Version: 2.49.0
    cpe:2.3:a:svelte:kit:2.49.0
  • Svelte » Kit » Version: 2.49.1
    cpe:2.3:a:svelte:kit:2.49.1
  • Svelte » Kit » Version: 2.49.2
    cpe:2.3:a:svelte:kit:2.49.2
  • Svelte » Kit » Version: 2.49.3
    cpe:2.3:a:svelte:kit:2.49.3
  • Svelte » Kit » Version: 2.49.4
    cpe:2.3:a:svelte:kit:2.49.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved