Linux Distros Unpatched Vulnerability : CVE-2026-48988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - markdown-it is a Markdown parser. Versions 14.1.1 and below contain a denial-of-service vulnerability when typographer: true is enabled, due to quadratic On^2...

UBUNTU-CVE-2026-48988

markdown-it is a Markdown parser. Versions 14.1.1 and below contain a...

CVE-2026-48988

markdown-it is a Markdown parser. Versions 14.1.1 and below contain a denial-of-service vulnerability when typographer: true is enabled, due to quadratic On^2 processing in the smartquotes rule. The issue stems from repeatedly modifying strings with replaceAt, which performs On slicing and...

markdown-it: Quadratic complexity DoS in smartquotes rule via replaceAt string operations

Summary A quadratic time complexity vulnerability exists in markdown-it's smartquotes rule enabled via the typographer: true option. An attacker can craft a markdown input consisting of consecutive quotation marks that causes the parser to consume excessive CPU time, leading to denial of service...

GHSA-6V5V-WF23-FMFQ markdown-it: Quadratic complexity DoS in smartquotes rule via replaceAt string operations

Summary A quadratic time complexity vulnerability exists in markdown-it's smartquotes rule enabled via the typographer: true option. An attacker can craft a markdown input consisting of consecutive quotation marks that causes the parser to consume excessive CPU time, leading to denial of service...

PT-2026-49555

Name of the Vulnerable Software and Affected Versions markdown-it affected versions not specified Description A quadratic time complexity issue exists in the smartquotes rule when the typographer: true option is enabled. An attacker can provide markdown input containing a large number of...

ROOT-APP-NPM-CVE-2026-2327 CVE-2026-2327 in @rootio/markdown-it - Patched by Root

Root has patched CVE-2026-2327 in the @rootio/markdown-it package for Root:npm. Multiple fixed versions available...

CVE-2026-48988

creationtimestamp| type| source ---|---|--- 2026-05-23 23:47:27+00:00| published-proof-of-concept| https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6v5v-wf23-fmfq 2026-06-17 22:39:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mojeymb5ll2z...

CVE-2026-29082

Kestra is an event-driven orchestration platform. In versions from 1.1.10 and prior, Kestra’s execution-file preview renders user-supplied Markdown .md with markdown-it instantiated as html:true and injects the resulting HTML with Vue’s v-html without sanitisation. At time of publication, there a...

CVE-2026-29082 Kestra: Stored Cross-Site Scripting in Markdown File Preview

Kestra is an event-driven orchestration platform. In versions from 1.1.10 and prior, Kestra’s execution-file preview renders user-supplied Markdown .md with markdown-it instantiated as html:true and injects the resulting HTML with Vue’s v-html without sanitisation. At time of publication, there a...

CVE-2026-29082

Kestra, an event-driven orchestration platform, has a Stored XSS risk in versions 1.1.10 and earlier due to the execution-file preview rendering user-supplied Markdown with markdown-it (html: true) and injecting the HTML via Vue’s v-html without sanitisation. This can allow an attacker to inject ...

EUVD-2026-10046

Kestra is an event-driven orchestration platform. In versions from 1.1.10 and prior, Kestra’s execution-file preview renders user-supplied Markdown .md with markdown-it instantiated as html:true and injects the resulting HTML with Vue’s v-html without sanitisation. At time of publication, there a...

GHSA-WWP2-X4RJ-J8RM NocoDB Vulnerable to Stored Cross-Site Scripting via Rich Text Cells

Summary Rich text cell content rendered via v-html without sanitization, enabling stored XSS. Details Rich text in TextArea.vue was parsed by markdown-it with html: true and injected via v-html without DOMPurify. A user with Editor role can inject arbitrary HTML that executes for all viewers...

GHSA-RCPH-X7MJ-54MM NocoDB Vulnerable to Stored Cross-site Scripting via Comments

Summary Comments rendered via v-html without sanitization, enabling stored XSS. Details Comments in Comments.vue were parsed by markdown-it with html: true and injected via v-html without DOMPurify. A user with Commenter role can inject arbitrary HTML that executes for all viewers. Impact Stored...

NocoDB Vulnerable to Stored Cross-site Scripting via Comments

Summary Comments rendered via v-html without sanitization, enabling stored XSS. Details Comments in Comments.vue were parsed by markdown-it with html: true and injected via v-html without DOMPurify. A user with Commenter role can inject arbitrary HTML that executes for all viewers. Impact Stored...

GHSA-8VM4-G489-V3W7 NocoDB Vulnerable to Stored Cross-Site Scripting via Comments and Rich Text Cells

Summary User-controlled content in comments and rich text cells was rendered via v-html without sanitization, enabling stored XSS. Details Comments in Comments.vue and rich text in TextArea.vue were parsed by markdown-it with html: true and injected via v-html. The codebase had vue-dompurify-html...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service (CVE-2026-2327)

Summary Node.js module markdown-it is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to regular expression denial of service ReDoS. This bulletin provides...

Linux Distros Unpatched Vulnerability : CVE-2026-2327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/...

SUSE CVE-2026-2327

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...

GHSA-38C4-R59V-3VQW markdown-it is has a Regular Expression Denial of Service (ReDoS)

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...