Description

Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. This issue has been patched in version 1.12.0.

INFO

Published Date :

2026-02-03T21:12:13.235Z

Last Modified :

2026-02-04T16:59:56.030Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-25155 vulnerability.

Vendors Products
Qwik
  • Qwik
Qwikdev
  • Qwik
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-25155.

URL Resource
https://github.com/QwikDev/qwik/commit/d70d7099b90b998f1aac7cedc21c67d87bac4c75 cve-icon cve-icon
https://github.com/QwikDev/qwik/security/advisories/GHSA-vm6g-8r4h-22x8 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact