@ckeditor/ckeditor5-upload 46.0.3 on Node.js NPM

A Cross-Site Scripting (XSS) vulnerability has been discovered in the CKEditor 5 clipboard package (CVE-2025-58064). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.

This vulnerability affects only installations where the editor configuration meets one of the following criteria:

HTML embed plugin is enabled
Custom plugin introducing an editable element which implements view RawElement is enabled

You can read more details in the relevant security advisory and contact us if you have more questions.

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Other releases:

@ckeditor/ckeditor5-adapter-ckfinder: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-ai: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-alignment: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-autoformat: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-autosave: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-basic-styles: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-block-quote: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-bookmark: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-case-change: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-ckbox: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-ckfinder: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-clipboard: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-cloud-services: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-code-block: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-collaboration-core: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-comments: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-core: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-document-outline: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-easy-image: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-editor-balloon: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-editor-classic: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-editor-decoupled: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-editor-inline: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-editor-multi-root: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-email: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-emoji: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-engine: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-enter: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-essentials: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-export-inline-styles: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-export-pdf: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-export-word: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-find-and-replace: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-font: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-format-painter: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-fullscreen: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-heading: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-highlight: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-horizontal-line: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-html-embed: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-html-support: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-icons: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-image: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-import-word: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-indent: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-language: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-line-height: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-link: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-list: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-list-multi-level: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-markdown-gfm: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-media-embed: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-mention: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-merge-fields: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-minimap: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-operations-compressor: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-page-break: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-pagination: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-paragraph: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-paste-from-office: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-paste-from-office-enhanced: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-real-time-collaboration: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-remove-format: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-restricted-editing: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-revision-history: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-select-all: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-show-blocks: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-slash-command: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-source-editing: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-source-editing-enhanced: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-special-characters: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-style: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-table: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-template: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-theme-lark: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-track-changes: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-typing: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-ui: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-undo: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-upload: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-uploadcare: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-utils: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-watchdog: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-widget: v46.0.2 => v46.0.3
@ckeditor/ckeditor5-word-count: v46.0.2 => v46.0.3
ckeditor5: v46.0.2 => v46.0.3
ckeditor5-collaboration: v46.0.2 => v46.0.3
ckeditor5-premium-features: v46.0.2 => v46.0.3