Every CVE whose affected-product data names Leafletjs Leaflet, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2025-69993 — CVSS 6.1 (medium): Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting (XSS) via the bindPopup() method. This method renders…