Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package fabric, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2026-27013 — CVSS 7.6 (high): Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies `escapeXml()` to text content during SVG export…
CVE-2026-44311 — CVSS 5.4 (medium): Fabric.js is a Javascript HTML5 canvas library. Prior to 7.4.0, a potential Cross-Site Scripting (XSS) vulnerability exists in Fabric.js…