CVE-2025-8263

Name of the Vulnerable Software and Affected Versions prettier versions up to 3.6.2

Description A vulnerability exists in prettier due to inefficient regular expression complexity within the parseNestedCSS function of the src/language-css/parser-postcss.js file. The manipulation of the node argument can trigger this issue. The attack can be launched remotely, and the exploit has been publicly disclosed.

Recommendations Versions prior to 3.6.2 are not affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.