Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Microsoft CVE
Microsoft CVEadded 2026/05/27 8:10 a.m.8 views

Invoking duplicate attributes can cause XSS in golang.org/x/net/html

...

6.1CVSS5.8AI score0.00031EPSS
Exploits0
Snyk
Snykadded 2026/05/22 5:42 p.m.7 views

Cross-site Scripting (XSS)

Overview github.com/golang/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the readStartTag function in the Tokenizer. An attacker can cause the execution of scripts in the context of t...

6.1CVSS5.7AI score0.00031EPSS
Exploits0References3
Snyk
Snykadded 2026/05/22 5:42 p.m.7 views

Cross-site Scripting (XSS)

Overview golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the readStartTag function in the Tokenizer. An attacker can cause the execution of scripts in the context of the...

6.1CVSS5.7AI score0.00031EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/22 3:1 p.m.5 views

CVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6AI score0.00031EPSS
Exploits0References4
CVE
CVEadded 2026/05/22 3:1 p.m.14 views

CVE-2026-27136

CVE-2026-27136 affects golang.org/x/net/html. The issue arises when parsing HTML and rendering via Render, yielding an unexpected HTML tree due to duplicate attributes, which can enable XSS in applications that sanitize input HTML before rendering. The connected docs specify the vulnerability inv...

6.1CVSS6AI score0.00031EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/22 3:1 p.m.5 views

CVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

0.00031EPSS
Exploits0References4
OSV
OSVadded 2026/05/22 2:46 a.m.4 views

GO-2026-5030 Invoking duplicate attributes can cause XSS in golang.org/x/net/html

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS6AI score0.00031EPSS
Exploits0References3
OSV
OSVadded 2025/10/07 3:19 p.m.2 views

CVE-2023-53631 platform/x86: dell-sysman: Fix reference leak

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobjectput to dispose the...

5.5CVSS6.4AI score0.00017EPSS
Exploits0References8
CNNVD
CNNVDadded 2023/12/07 12:0 a.m.3 views

Dalmann OCPP.Core Security Vulnerability

Dalmann OCPP.Core is an OCPP Open Charge Point Protocol server written in .NET 6 by Ulrich Individual Developers. A security vulnerability exists in Dalmann OCPP.Core versions prior to 1.2.0, which stems from the server mishandling StartTransaction messages containing additional, arbitrary, or...

7.5CVSS7.5AI score0.00299EPSS
Exploits1References2
Rows per page
Query Builder