Lucene search
+L

33 matches found

euvd
euvd
added 6 days ago6 views

EUVD-2026-42764

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References8
nvd
nvd
added 6 days ago4 views

CVE-2026-15311

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS0.00203EPSS
Exploits0References7
cvelist
cvelist
added last week28 views

CVE-2026-15311 NousResearch hermes-agent Matrix Adapter matrix.py MatrixAdapter._markdown_to_html cross site scripting

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS0.00203EPSS
Exploits0References7
osv
osv
added last week3 views

CVE-2026-15311 NousResearch hermes-agent Matrix Adapter matrix.py MatrixAdapter._markdown_to_html cross site scripting

A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter.markdowntohtml of the file gateway/platforms/matrix.py of the component Matrix Adapter. Such manipulation leads to cross site scripting. The attack can be executed...

5.1CVSS4.6AI score0.00203EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.11 views

PT-2026-56665

Name of the Vulnerable Software and Affected Versions Drupal AI SEO/GEO Analyzer versions 0.0.0 through 1.1.3 Description Stored Cross-site Scripting XSS occurs when the module generates SEO/GEO analysis reports by sending entity content, including comments, to a Large Language Model LLM. The...

6.1AI score0.00274EPSS
Exploits0References3
nvd
nvd
added 2026/06/24 10:16 p.m.10 views

CVE-2026-54070

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar package README from Markdown to HTML with the lute engine and SetSanitizetrue. The lute sanitizer is an event-handler blocklist: allowAttr rejects only...

7.1CVSS0.0018EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:40 p.m.11 views

CVE-2026-43979

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...

5CVSS5.6AI score0.00263EPSS
Exploits0References1
nvd
nvd
added 2026/05/28 7:16 p.m.15 views

CVE-2026-43979

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...

5CVSS0.00263EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/28 5:59 p.m.30 views

CVE-2026-43979 Local Deep Research: HTML Injection via Unescaped User Input in PDF Export (`pdf_service.py:_markdown_to_html`)

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...

5CVSS0.00263EPSS
Exploits0References3
cve
cve
added 2026/05/28 5:59 p.m.16 views

CVE-2026-43979

CVE-2026-43979 affects Local Deep Research. Before 1.6.0, PDFService._markdown_to_html() embeds user-supplied title and metadata into HTML without escaping, allowing HTML injection in the PDF export flow. This can chain into SSRF via WeasyPrint when rendering the PDF, bypassing existing SSRF defe...

5CVSS5.9AI score0.00263EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/05/28 5:59 p.m.10 views

CVE-2026-43979

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...

5CVSS5.9AI score0.00263EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/05/28 5:59 p.m.2 views

CVE-2026-43979 Local Deep Research: HTML Injection via Unescaped User Input in PDF Export (`pdf_service.py:_markdown_to_html`)

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService.markdowntohtml constructs an HTML document by interpolating user-controlled values — specifically title sourced from research.title or research.query and metadata key-value pairs —...

5CVSS6.1AI score0.00263EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/28 12:0 a.m.10 views

Local Deep Research 安全漏洞

Local Deep Research is an AI search assistant developed by LearningCircuit. Versions prior to 1.6.0 of Local Deep Research contained a security vulnerability. This vulnerability stemmed from PDFService.markdowntohtml not properly escaping user-controlled values, allowing authentication attackers ...

5CVSS5.9AI score0.00263EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/27 12:0 a.m.17 views

PT-2026-47121

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422428 Crash type: Heap-buffer-overflow READ Crash state: md process all blocks md parse md html...

5.4AI score
Exploits0References2
osv
osv
added 2026/05/21 9:27 p.m.4 views

GHSA-JV8M-2544-3PG3 Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`

Description Several filters in the twig/ extras packages are registered with issafe = 'all', which tells Twig's autoescaper to treat their output as safe in every context html, js, css, url, .... The output of these filters is plain text or HTML markup, neither of which is safe in every escaping...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References5
github
github
added 2026/05/21 9:27 p.m.17 views

Twig: HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`

Description Several filters in the twig/ extras packages are registered with issafe = 'all', which tells Twig's autoescaper to treat their output as safe in every context html, js, css, url, .... The output of these filters is plain text or HTML markup, neither of which is safe in every escaping...

5.4CVSS5.8AI score0.00268EPSS
Exploits0References5Affected Software2
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.12 views

PT-2026-42631

Description Several filters in the twig/ extras packages are registered with is safe = 'all', which tells Twig's autoescaper to treat their output as safe in every context html, js, css, url, .... The output of these filters is plain text or HTML markup, neither of which is safe in every escaping...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References6
snyk
snyk
added 2026/05/11 7:40 p.m.7 views

Cross-site Scripting (XSS)

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Cross-site Scripting XSS via the PDFService.markdowntohtml function. An attacker can cause the server to make unauthorized...

9.9CVSS5.2AI score0.00263EPSS
Exploits0References2
snyk
snyk
added 2026/03/20 8:56 p.m.3 views

Cross-site Scripting (XSS)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS in the markDownToHTML function. An attacker can execute arbitrary JavaScript in the context of another user's browser session by crafting ...

5.4CVSS5.8AI score0.00218EPSS
Exploits1References2
euvd
euvd
added 2025/12/08 3:30 p.m.7 views

EUVD-2025-201710

In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cross-Site Scripting XSS. On the backend, the relatedvulnerabilities field of bundles accepted arbitrary strings without format validation or proper...

8.3CVSS5.6AI score0.00256EPSS
Exploits0References2
Rows per page
Query Builder