Lucene search
K

1470 matches found

RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59926

A flaw was found in Mistune, a Python Markdown parser. The renderadmonition function in the Admonition directive concatenates user-controlled input into the HTML class attribute without proper escaping. This vulnerability allows for attribute injection and Cross-Site Scripting XSS attacks, even...

6.1CVSS6.3AI score0.00191EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59927

A flaw was found in Mistune, a Python Markdown parser. The Include directive in Mistune's src/mistune/directives/include.py does not properly detect indirect cycles when two Markdown files include each other. This oversight allows for unbounded recursion, which can lead to a RecursionError and...

5.3CVSS5.9AI score0.00307EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-59927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct...

5.3CVSS6.1AI score0.00307EPSS
Exploits1References3
NVD
NVD
added 6 days ago10 views

CVE-2026-59927

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...

5.3CVSS0.00307EPSS
Exploits1References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42339

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...

5.3CVSS6AI score0.00307EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-59927

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...

5.3CVSS6AI score0.00307EPSS
Exploits1References4Affected Software1
CVE
CVE
added 6 days ago11 views

CVE-2026-59924

Mistune (Python Markdown parser) prior to v3.3.0 contains a path traversal flaw in Include.parse() where include paths are joined/normalized without ensuring the result stays inside the markdown directory. When processing markdown files via md.read(), crafted include paths could read files outsid...

5.9CVSS6AI score0.0034EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-59924 Mistune: Arbitrary File Read via Include directive path traversal

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Include.parse joins and normalizes user-supplied include paths without verifying that the result remains within the intended markdown directory, allowing crafted include paths to access files outside that directory wh...

5.9CVSS0.0034EPSS
Exploits1References3
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-59926 Mistune: XSS via unescaped class option in Admonition directive

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, renderadmonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...

5.3CVSS0.00191EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42334

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, renderadmonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...

5.3CVSS5.8AI score0.00191EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 5:23 p.m.22 views

CVE-2026-57958

Summary: Mixpost

6.1CVSS5.9AI score0.00168EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 5:23 p.m.10 views

EUVD-2026-40143

Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth...

6.1CVSS5.9AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 4:12 p.m.36 views

CVE-2026-13751 Snowflake CLI Server-Side Request Forgery via Arbitrary URL Fetch in !source/!load

Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...

4.1CVSS0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-366 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP

The nbconvert HTTP handlers in jupyterserver render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. Combined with nbconvert.HTMLExporter's default non-sanitizing behavior, a notebook carrying an HTML payload in a displaydata outpu...

9.3CVSS5.8AI score0.00227EPSS
Exploits0References6
NVD
NVD
added 2026/06/22 7:17 p.m.31 views

CVE-2026-50146

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS0.00177EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/22 5:31 p.m.33 views

CVE-2026-50146 Astro: Reflected XSS via unescaped slot name

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS0.00177EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:31 p.m.6 views

CVE-2026-50146

Astro is a web framework. Prior to 6.3.3, when a component uses a client: directive, Astro inserts named slot content into a data-astro-template attribute without HTML escaping the slot name allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflect...

7.1CVSS5.9AI score0.00177EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/22 5:31 p.m.24 views

CVE-2026-50146

CVE-2026-50146 affects the Astro web framework prior to 6.3.3. When a component uses a client:* directive, Astro inserts named slot content into a data-astro-template attribute without escaping the slot name, allowing an attacker to break out of the attribute context and inject arbitrary HTML, re...

7.1CVSS5.9AI score0.00177EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/06/17 8:4 p.m.12 views

EUVD-2026-37792

When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition CRD access log format...

8.6CVSS5.6AI score0.00492EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/17 4:39 p.m.6 views

Improper Neutralization of Equivalent Special Elements

Overview Affected versions of this package are vulnerable to Improper Neutralization of Equivalent Special Elements via the NGINX configuration generator component. An attacker can inject arbitrary NGINX configuration directives by supplying crafted values to the serverTokens or extraAuthArgs...

8.6CVSS5.9AI score0.00567EPSS
Exploits0References2
Rows per page
Query Builder