Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Vulnrichment
Vulnrichmentadded 2026/04/06 5:37 p.m.1 views

CVE-2026-35166 Hugo does not properly escape some Markdown links

Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. This vulnerability is fixed in...

5.3CVSS5.8AI score0.00012EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/06 5:37 p.m.18 views

CVE-2026-35166 Hugo does not properly escape some Markdown links

Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. This vulnerability is fixed in...

5.3CVSS0.00012EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/04/06 12:0 a.m.6 views

Hugo 跨站脚本漏洞

Hugo is a framework based on the Go language used for quickly generating static websites within the Gohugoio community. Versions of Hugo from 0.60.0 to 0.159.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper escaping of links and image links in the default...

5.4CVSS5.7AI score0.00012EPSS
Exploits0References2
Rows per page
Query Builder