CVE-2026-7596

🗓️ 01 May 2026 21:00:19Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 11 Views🌐 WEB

CVE-2026-7596 affects nextlevelbuilder slide generator; data.get in generate-slide.py enables remote cross site scripting.

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2026-7596	1 May 202621:00	–	attackerkb
CNNVD	UI UX Pro Max 跨站脚本漏洞	1 May 202600:00	–	cnnvd
Cvelist	CVE-2026-7596 nextlevelbuilder ui-ux-pro-max-skill Slide Generator generate-slide.py data.get cross site scripting	1 May 202621:00	–	cvelist
EUVD	EUVD-2026-26720	1 May 202621:00	–	euvd
NVD	CVE-2026-7596	1 May 202621:16	–	nvd
Positive Technologies	PT-2026-36548	1 May 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-7596 nextlevelbuilder ui-ux-pro-max-skill Slide Generator generate-slide.py data.get cross site scripting	1 May 202621:00	–	vulnrichment

Vulners

Node

nextlevelbuilder ui-ux-pro-max-skillMatch2.0

nextlevelbuilder ui-ux-pro-max-skillMatch2.1

nextlevelbuilder ui-ux-pro-max-skillMatch2.2

nextlevelbuilder ui-ux-pro-max-skillMatch2.3

nextlevelbuilder ui-ux-pro-max-skillMatch2.4

nextlevelbuilder ui-ux-pro-max-skillMatch2.5.0

[
  {
    "vendor": "nextlevelbuilder",
    "product": "ui-ux-pro-max-skill",
    "versions": [
      {
        "version": "2.0",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "2.3",
        "status": "affected"
      },
      {
        "version": "2.4",
        "status": "affected"
      },
      {
        "version": "2.5.0",
        "status": "affected"
      }
    ],
    "modules": [
      "Slide Generator"
    ]
  }
]

Source	Link
github	www.github.com/nextlevelbuilder/ui-ux-pro-max-skill/
vuldb	www.vuldb.com/vuln/360549
github	www.github.com/nextlevelbuilder/ui-ux-pro-max-skill/pull/274
github	www.github.com/nextlevelbuilder/ui-ux-pro-max-skill/issues/247
vuldb	www.vuldb.com/vuln/360549/cti
vuldb	www.vuldb.com/submit/805510

Parameter	Position	Path	Description	CWE
data	path	.claude/skills/design-system/scripts/generate-slide.py	XSS vulnerability in generate-slide.py via unsanitized user input accessed with data.get	CWE-94, CWE-79

05 May 2026 19:17Current

4Medium risk

Vulners AI Score4

CVSS 3.14.3

CVSS 25

CVSS 45.3

CVSS 34.3

EPSS0.00017

SSVC