Skip to content

🔒️ Bump fast-xml-parser to 5.3.6 due to CVE-2026-26278#2770

Merged
thymikee merged 1 commit intoreact-native-community:mainfrom
Jamim:fix/CVE-2026-26278
Feb 18, 2026
Merged

🔒️ Bump fast-xml-parser to 5.3.6 due to CVE-2026-26278#2770
thymikee merged 1 commit intoreact-native-community:mainfrom
Jamim:fix/CVE-2026-26278

Conversation

@Jamim
Copy link
Contributor

@Jamim Jamim commented Feb 18, 2026

Hello everyone,

Summary

These changes address CVE-2026-26278. Based on:

Test Plan

  1. Submit a PR
  2. Check the CI

Checklist

  • Documentation is up to date.
  • Follows commit message convention described in CONTRIBUTING.md.
  • For functional changes, my test plan has linked these CLI changes into a local react-native checkout (instructions).

Best regards!

@Jamim Jamim changed the title Bump fast-xml-parser from 5.3.4 to 5.3.6 due to CVE-2026-26278 🔒️ Bump fast-xml-parser to 5.3.6 due to CVE-2026-26278 Feb 18, 2026
thymikee
thymikee approved these changes Feb 18, 2026
View reviewed changes
Copy link
Member

@thymikee thymikee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@thymikee thymikee merged commit df9b3a4 into react-native-community:main Feb 18, 2026
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thymikee thymikee thymikee approved these changes

@cipolleschi cipolleschi Awaiting requested review from cipolleschi cipolleschi is a code owner

Assignees

No one assigned

Labels

bugfix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Jamim @thymikee

Comments