CVE-2025-8263 | prettier up to 3.6.2 parser-postcss.js parseNestedCSS node redos (Issue 17737)

A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected by this vulnerability is the function parseNestedCSS of the file src/language-css/parser-postcss.js. The manipulation of the argument node leads to inefficient regular expression complexity.

This vulnerability is known as CVE-2025-8263. The attack can be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More