`marked`

Ecosystem:
npm

Package URL:
pkg:npm/marked

Total PRs:
4,654 Dependabot PRs

Latest PR:
about 8 hours ago

Unique Repositories:
1,579 repositories

Unique Repos (30 days):
106 repositories

Security Advisories

Marked Vulnerable to OOM Denial of Service via Infinite Recursion in marked Tokenizer

GHSA-6v9c-7cg6-27q7 CVE-2026-41680 HIGH published about 2 months ago • updated 6 days ago

### Summary A critical Denial of Service (DoS) vulnerability exists in `marked@18.0.0`. By providing a specific 3-byte input sequence a tab, a vert...

View all 13 advisories

Recent PRs

RSS Feed

chore(deps): bump the npm-frontend-patch-minor group across 1 directory with 28 updates

Prekzursil/momentstudio #586

17.0.4 → 17.0.6 Patch PR

Open about 8 hours ago 9 comments

chore(deps): bump marked from 17.0.5 to 18.0.5

OpenPhysics/pyro #21

17.0.5 → 18.0.5 Major PR

Open 4 days ago 1 comment

Build(deps): Bump marked from 18.0.3 to 18.0.5 in /frontend

TheHypedge/Riviso_SEO #30

18.0.3 → 18.0.5 Patch PR

Open 4 days ago 2 comments

chore(deps): bump marked from 18.0.4 to 18.0.5

khaoticdev62/NEURODECK #47

18.0.4 → 18.0.5 Patch PR

Open 5 days ago 3 comments

chore(deps): bump marked from 18.0.4 to 18.0.5

content-island/template-it-event #26

18.0.4 → 18.0.5 Patch PR

Open 5 days ago 1 comment

build(deps-dev): bump marked from 18.0.2 to 18.0.5

sumup/sumup-developer #753

18.0.2 → 18.0.5 Patch PR

Open 5 days ago 1 comment

[Docs Site] Bump the non-major group with 28 updates

zjeejisme/cloudflare-docs #1

18.0.3 → 18.0.5 Patch PR

Closed 5 days ago 4 comments

Bump the js-minor-patch group in /webapp/frontend with 5 updates

Sinsemilila/academIA #58

18.0.4 → 18.0.5 Patch PR

Closed 6 days ago 1 comment

deps(engine): bump the utilities group with 2 updates

underpostnet/engine #93

18.0.4 → 18.0.5 Patch PR

Open 6 days ago 2 comments

chore(deps): bump the minor-patch group with 11 updates

ng-forge/ng-forge #484

18.0.4 → 18.0.5 Patch PR

Open 6 days ago 2 comments

chore(deps): bump marked from 18.0.3 to 18.0.5

Cole-personal-projects/pepchat #245

18.0.3 → 18.0.5 Patch PR

Open 6 days ago 1 comment

deps: Bump the production group across 1 directory with 23 updates

EfkaStudio-prd/G-ROUTER #18

18.0.4 → 18.0.5 Patch PR

Open 6 days ago 1 comment

chore(deps)(deps): bump the prod-minor-patch group across 1 directory with 11 updates

maatini/cobra-nats #45

18.0.4 → 18.0.5 Patch PR

Open 6 days ago 1 comment

chore(deps): bump marked from 18.0.3 to 18.0.5

oguzhankir/fmtly #141

18.0.3 → 18.0.5 Patch PR

Open 6 days ago 1 comment

chore(deps): bump marked from 18.0.3 to 18.0.5

esorzai503/it-event-alan-turing #9

18.0.3 → 18.0.5 Patch PR

Open 6 days ago 2 comments

deps(ui): bump marked from 18.0.3 to 18.0.5 in /ui

hlan-net/moirai #183

18.0.3 → 18.0.5 Patch PR

Open 6 days ago 2 comments

chore(deps): bump marked from 18.0.4 to 18.0.5

keigo-hisazumi/markdown-editer #31

18.0.4 → 18.0.5 Patch PR

Open 6 days ago 2 comments

依存関係更新(deps): Bump marked from 18.0.4 to 18.0.5 in the content-libs group

g-kari/rss #1107

18.0.4 → 18.0.5 Patch PR

Closed 6 days ago 1 comment

Bump the non-major group with 8 updates

ELtrebolt/ME-DB-front #29

18.0.3 → 18.0.5 Patch PR

Closed 6 days ago 1 comment

chore(deps): bump the production-dependencies group across 1 directory with 18 updates

everybody-eats-nz/volunteer-portal #948

18.0.4 → 18.0.5 Patch PR

Open 6 days ago 3 comments

chore(deps): bump the production-dependencies group in /docs/widget with 2 updates

everybody-eats-nz/volunteer-portal #944

18.0.4 → 18.0.5 Patch PR

Closed 6 days ago 2 comments

chore(deps): bump marked from 18.0.4 to 18.0.5

Open-Paws/cryptpad-project-management #132

18.0.4 → 18.0.5 Patch PR

Open 7 days ago 1 comment

chore(deps): bump marked from 17.0.1 to 18.0.5

code-scriet/main_site #28

17.0.1 → 18.0.5 Major PR

Open 8 days ago 1 comment

chore(deps): bump the production-dependencies group with 24 updates

dannysmith/astro-editor #245

18.0.4 → 18.0.5 Patch PR

Open 8 days ago 3 comments

deps: bump marked from 18.0.4 to 18.0.5 in the general group

Peter-Easterbrook/onestep-blog-2021 #54

18.0.4 → 18.0.5 Patch PR

Closed 8 days ago 2 comments

chore(deps): bump the production-dependencies group across 1 directory with 6 updates

fderuiter/QRCraftly #407

18.0.4 → 18.0.5 Patch PR

Open 9 days ago 1 comment

Bump the all-dependencies group across 1 directory with 90 updates

LOME-AI/HushBox #98

18.0.0 → 18.0.5 Patch PR

Open 9 days ago 2 comments

Bump marked from 18.0.4 to 18.0.5

maxonfjvipon/xslint #203

18.0.4 → 18.0.5 Patch PR

Closed 9 days ago 2 comments

Bump marked from 18.0.4 to 18.0.5 in the dependencies group across 1 directory

krymtkts/blog-fable #498

18.0.4 → 18.0.5 Patch PR

Open 9 days ago 1 comment

Bump the npm-dev group across 1 directory with 14 updates

jvacek/LitRoute #126

18.0.4 → 18.0.5 Patch PR

Closed 9 days ago 1 comment

build(deps): bump the production-dependencies group with 24 updates

RealRogerWinter/price-games-public #3

17.0.4 → 18.0.4 Major PR

Open 10 days ago 1 comment

[Docs Site] Bump the non-major group across 1 directory with 31 updates

robvankathmp/cloudflare-docs #7

18.0.3 → 18.0.4 Patch PR

Open 11 days ago 3 comments

chore(deps): bump the patch-updates group across 1 directory with 9 updates

yamatai-ja/mono-review #10

18.0.2 → 18.0.4 Patch PR

Open 11 days ago 1 comment

Bump the patch-updates group across 1 directory with 7 updates

RavenEmperor/my-site #4

18.0.3 → 18.0.4 Patch PR

Open 12 days ago 1 comment

deps(site): bump the markdown group across 1 directory with 3 updates

asfbay-bit/opchain #252

18.0.3 → 18.0.5 Patch PR

Open 12 days ago 3 comments

chore(deps)(deps): Bump marked from 17.0.6 to 18.0.4

raychiutw/trip-planner #910

17.0.6 → 18.0.4 Major PR

Open 13 days ago 2 comments

chore(deps)(deps): Bump the production-dependencies group with 4 updates

soydiloreto/diluxite-core-alpha #4

14.1.4 → 18.0.4 Major PR

Open 14 days ago 1 comment

deps(deps-dev): bump marked from 18.0.2 to 18.0.4

tgwizard/ghreview #14

18.0.2 → 18.0.4 Patch PR

Closed 14 days ago 1 comment

chore: bump the misc group across 1 directory with 41 updates

jon-aiken/stella #24

18.0.3 → 18.0.4 Patch PR

Open 15 days ago 1 comment

chore(deps): bump the npm-dependencies group across 1 directory with 24 updates

jeremymcs/patchdeck #148

18.0.3 → 18.0.4 Patch PR

Open 15 days ago 1 comment

chore(deps): bump marked from 17.0.1 to 17.0.6 in /website

ysyx2008/SailFish #38

17.0.1 → 17.0.6 Patch PR

Open 15 days ago 2 comments

chore(deps-dev): bump the development group across 1 directory with 7 updates

connect0459/connect-labo #40

18.0.3 → 18.0.5 Patch PR

Closed 15 days ago 1 comment

build(deps): bump marked from 18.0.3 to 18.0.4 in /frontend

Presto-io/Presto #58

18.0.3 → 18.0.4 Patch PR

Open 15 days ago 1 comment

yarn(deps): bump marked from 18.0.3 to 18.0.4

inovex/scrumlr.io #6184

18.0.3 → 18.0.4 Patch PR

Open 16 days ago 1 comment

deps(deps): bump the minor-and-patch group across 1 directory with 12 updates

pramodhm112/cloudnative-atlas #13

18.0.0 → 18.0.4 Patch PR

Open 16 days ago 2 comments

chore(deps): bump the npm group in /frontend/app with 5 updates

PyPSA/pypsa-app #39

18.0.3 → 18.0.4 Patch PR

Closed 18 days ago 1 comment

deps(deps): bump the minor-and-patch group across 1 directory with 13 updates

pramodhm112/cloudnative-atlas #12

18.0.0 → 18.0.4 Patch PR

Open 18 days ago 3 comments

Bump marked from 18.0.2 to 18.0.4 in /dokassist

vGsteiger/RamDoc #295

18.0.2 → 18.0.4 Patch PR

Open 19 days ago 1 comment

npm(deps): bump marked from 18.0.3 to 18.0.4

Chloemlla/Happy-TTS #741

18.0.3 → 18.0.4 Patch PR

Open 19 days ago 3 comments

Bump the patches group with 2 updates

buttonrocklabs/website #29

18.0.3 → 18.0.4 Patch PR

Open 19 days ago 2 comments

Package Details

Name:	`marked`
Ecosystem:	npm
PURL Type:	npm
Package URL:	`pkg:npm/marked`
JSON API:	View JSON

Security Advisories

13

Active advisories

HIGH 5

MODERATE 7

LOW 1

View All npm Advisories

Package Information

Description:

A markdown parser built for speed

Repository:	https://github.com/markedjs/marked
Homepage:	https://marked.js.org
Latest Release:	`15.0.12` about 1 year ago
Dependent Repos:	468,889
Dependent Packages:	12,165
Downloads:	53,233,314
Ranking:	Top 0.0534% by dependent repos Top 0.0421% by downloads Top 0.0083% by dependent pkgs

PR Status

Open 2,190 (47.1%)

Merged 459 (9.9%)

Closed 1,770 (38.0%)

PR Types

Major 2,275 (48.9%)

Minor 760 (16.3%)

Patch 1,376 (29.6%)

Removal 6 (0.1%)

marked

Security Advisories

Multiple Content Injection Vulnerabilities in marked

Inefficient Regular Expression Complexity in marked

Regular Expression Denial of Service in marked

Marked ReDoS due to email addresses being evaluated in quadratic time

Marked Vulnerable to OOM Denial of Service via Infinite Recursion in marked Tokenizer

Recent PRs

Package Details

Security Advisories

13

Package Information

PR Status

PR Types

`marked`