| Summary | Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1. |
|---|---|
| Publication Date | May 12, 2026, 7:22 a.m. |
| Registration Date | May 13, 2026, 4:11 a.m. |
| Last Update | May 12, 2026, 7:22 a.m. |