U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2026-42349

Change History

CVE Modified by CISA-ADP 6/17/2026 6:47:43 AM

Action Type Old Value New Value
Added SSVC

                  
                
              
{"timestamp":"2026-05-14T18:18:41.752602Z","id":"CVE-2026-42349","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

CVE Modified by GitHub, Inc. 6/17/2026 6:47:43 AM

Action Type Old Value New Value
Added Affected

                  
                
              
[{"vendor":"clerk","product":"javascript","versions":[{"version":">= 5.22.0, < 5.125.10","status":"affected"},{"version":">= 6.0.0, < 6.7.5","status":"affected"}]},{"vendor":"@clerk","product":"shared","versions":[{"version":">= 3.0.0, <= 3.47.4","status":"affected"},{"version":">= 4.0.0, <= 4.8.2","status":"affected"}]},{"vendor":"@clerk","product":"backend","versions":[{"version":">= 2.0.0, <= 2.33.2","status":"affected"},{"version":">= 3.0.0, <= 3.2.13","status":"affected"}]},{"vendor":"@clerk","product":"nextjs","versions":[{"version":">= 6.0.0, <= 6.39.2","status":"affected"},{"version":">= 7.0.0, <= 7.2.3","status":"affected"}]},{"vendor":"@clerk","product":"clerk-react","versions":[{"version":">= 5.9.0, <= 5.61.5","status":"affected"}]},{"vendor":"@clerk","product":"react","versions":[{"version":">= 6.0.0, <= 6.4.2","status":"affected"}]},{"vendor":"@clerk","product":"vue","versions":[{"version":">= 1.0.0, <= 1.17.20","status":"affected"},{"version":">= 2.0.0, <= 2.0.15","status":"affected"}]},{"vendor":"@clerk","product":"astro","versions":[{"version":">= 2.0.0, <= 2.17.10","status":"affected"},{"version":">= 3.0.0, <= 3.0.17","status":"affected"}]},{"vendor":"@clerk","product":"nuxt","versions":[{"version":">= 1.0.0, <= 1.13.28","status":"affected"},{"version":">= 2.0.0, <= 2.2.4","status":"affected"}]},{"vendor":"@clerk","product":"clerk-expo","versions":[{"version":">= 2.2.11, <= 2.19.35","status":"affected"}]},{"vendor":"@clerk","product":"expo","versions":[{"version":">= 3.0.0, <= 3.2.1","status":"affected"}]},{"vendor":"@clerk","product":"react-router","versions":[{"version":">= 0.0.1, <= 2.4.12","status":"affected"},{"version":">= 3.0.0, <= 3.1.3","status":"affected"}]},{"vendor":"@clerk","product":"tanstack-react-start","versions":[{"version":">= 0.0.1, <= 0.29.10","status":"affected"},{"version":">= 1.0.0, <= 1.1.3","status":"affected"}]},{"vendor":"@clerk","product":"chrome-extension","versions":[{"version":">= 1.3.5, <= 2.9.14","status":"affected"},{"version":">= 3.0.0, <= 3.1.14","status":"affected"}]},{"vendor":"@clerk","product":"fastify","versions":[{"version":">= 1.0.42, <= 2.6.30","status":"affected"},{"version":">= 3.0.0, <= 3.1.15","status":"affected"}]},{"vendor":"@clerk","product":"express","versions":[{"version":">= 0.1.0, <= 1.7.78","status":"affected"},{"version":">= 2.0.0, <= 2.1.5","status":"affected"}]},{"vendor":"@clerk","product":"hono","versions":[{"version":">= 0.0.2, <= 0.1.15","status":"affected"}]}]