Skip to main content

Dioxus Components CVE-2026-24474

Code Injection (CWE-94)
2026-01-24 security-advisories@github.com

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:59 vuln.today
CVE Published
Jan 24, 2026 - 00:15 nvd
N/A

DescriptionCVE.org

Dioxus Components is a shadcn-style component library for the Dioxus app framework. Prior to commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a, use_animated_open formats a string for eval with an id that can be user supplied. Commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a patches the issue.

AnalysisAI

Dioxus Components is a shadcn-style component library for the Dioxus app framework. Prior to commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a, use_animated_open formats a string for eval with an id that can be user supplied.

Technical ContextAI

Classified as CWE-94 (Code Injection). Dioxus Components is a shadcn-style component library for the Dioxus app framework. Prior to commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a, use_animated_open formats a string for eval with an id that can be user supplied. Commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a patches the issue.

Affected ProductsAI

Dioxus Components is a shadcn-style component library for the Dioxus app framework

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2026-24474 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy