chore(deps): update dependency markdown-it to >=14.1.1 [security] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
markdown-it	>=14.1.0 → >=14.1.1

GitHub Vulnerability Alerts

CVE-2026-2327

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by a non-matching character, which triggers excessive backtracking and may lead to a denial-of-service condition.

Severity

• CVSS Score: 5.5 / 10 (Medium)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

---

Release Notes

markdown-it/markdown-it (markdown-it)

v14.1.1

Compare Source

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could
  cause high CPU use. Thanks to @​ltduc147 for report.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

❌ Failed to deploy to Netlify

Platform	Status	URL
Ubuntu	Failed	Please check the status and logs of the workflow run.
Windows	Failed	Please check the status and logs of the workflow run.