Windows Notepad Markdown Link Exposure Test

This Metasploit auxiliary module is a non-exploit, safety-focused research tool designed to generate a Markdown file for analyzing how Windows Notepad handles external links. It creates a controlled test document containing a user-defined URL and stores it locally for inspection...

Windows Notepad WebDAV UNC Reference Markdown File Generator

This Metasploit auxiliary module is a file-format generation tool intended for security testing of a CVE-2026-20841 related to Windows Notepad Markdown handling. It produces a Markdown file containing a UNC WebDAV-style path embedded as a clickable link for behavioral analysis...

exploit_db.md

e...

GHSA-W4RC-P66M-X6QQ Grav Form Plugin has an Anonymous Page Content Overwrite via Form File Upload filename Override

Summary Tested on Form 9.0.3 released on April, 28th The Form plugin's file upload handler at user/plugins/form/classes/Form.php:583 accepts a POST-supplied filename parameter $filename = $post'filename' ?? $upload'file''name' that overrides the original uploaded filename. The override passes...

CVE-2026-44111 OpenClaw < 2026.4.15 - Arbitrary Markdown File Read via QMD memory_get

OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memoryget function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown...

PT-2026-38283

Name of the Vulnerable Software and Affected Versions Grav form plugin versions prior to 9.1.0 Description An unauthenticated page-content overwrite exists via file upload. The file upload handler in user/plugins/form/classes/Form.php uses a filename parameter that can be controlled via POST...

CVE-2026-40201

@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a .md file...

CVE-2026-35169 LORIS has potential cross-site scripting in help_editor module

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the helpeditor module of LORIS did not properly sanitize some user supplied variables which could result i...

Spring AI Agentic Patterns (Part 6): AutoMemoryTools — Persistent Agent Memory Across Sessions

File-Based Long-Term Memory for Spring AI Agents Agents are only as useful as what they remember. Spring AI's Chat Memory stores the full conversation and can persist it across restarts, but when the window fills, the oldest messages are evicted. The upcoming Session API will add recursive...

CVE-2026-4833

CVE-2026-4833 affects Orc discount up to 3.0.1.2, specifically the Markdown Handler's markdown.c compile function. The issue causes uncontrolled recursion when fed input such as an infinitely deep blockquote, leading to a local-execution crash. Public exploit availability exists, and the project ...

CVE-2026-29082

Kestra, an event-driven orchestration platform, has a Stored XSS risk in versions 1.1.10 and earlier due to the execution-file preview rendering user-supplied Markdown with markdown-it (html: true) and injecting the HTML via Vue’s v-html without sanitisation. This can allow an attacker to inject ...

CVE-2025-65716

An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file...

CVE-2025-65716

An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file...

PT-2026-8355

Name of the Vulnerable Software and Affected Versions Visual Studio Code Extensions Markdown Preview Enhanced version 0.8.18 Description A flaw exists in Visual Studio Code Extensions Markdown Preview Enhanced version 0.8.18 that could allow attackers to execute arbitrary code. This is achieved b...

CVE-2021-47838

Markright 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to embed malicious payloads in markdown files. Attackers can upload specially crafted markdown files that execute arbitrary JavaScript when opened, potentially enabling remote code execution on the victim...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2022-42967

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution...

CVE-2025-67843

A Server-Side Template Injection SSTI vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file...

CVE-2023-53940

CVE-2023-53940 affects Codigo Markdown Editor 1.0.1 (Electron). The vulnerability arises from handling of markdown files where an embedded video source with an onerror event can trigger arbitrary shell commands via Node.js child_process, enabling code execution when the file is opened. Public ind...

CVE-2023-53940 Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File

Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...