CVE-2026-12888

CVE-2026-12888 describes an HTML injection vulnerability in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens. The issue allows interface manipulation by an attacker who can insert limited HTML content, including links, into the webhook payload. Affects Canarytoke...

EUVD-2026-38240

An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90...

Server Side Request Forgery

github.com/usememos/memos is vulnerable to Server Side Request Forgery. The vulnerability is due to improper input validation at the /o/get/httpmeta endpoint in the file httpgetter.go, allowing unauthenticated users to enumerate the internal network and receive limited HTML values in JSON form...

memos 安全漏洞

memos is an open source hosted memo center with knowledge management and social features. A security vulnerability exists in memos version 0.13.2, which stems from /o/get/httpmeta allows unauthenticated users to enumerate the internal network and receive limited html values in the form of json...