edf-centrifuge (=1.0.0) potentially affected by CVE-2026-35212 via pycti (=6.9.29)

pycti PYPI version =6.9.29 is affected by a known vulnerability. The following packages have a transitive dependency on pycti and may be impacted: - edf-centrifuge =1.0.0 Source cves: CVE-2026-35212 Source advisory: OSV:PYSEC-2026-203...

CVE-2026-35212 OpenCTI has XSS in the rendering of email-message observable body data

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being rendered. Does...