CVE-2026-43899

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass RCE. While the patch correctly restricted...

PT-2026-39859

Name of the Vulnerable Software and Affected Versions DeepChat versions prior to 1.0.4-beta.1 Description An incomplete mitigation for a previous issue allows for an arbitrary protocol execution bypass, which can lead to remote code execution RCE. While restrictions were applied to the...

PT-2026-39294

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.3.5 through 0.8.12 Description A stored cross-site scripting XSS issue allows authenticated users with model creation permissions workspace.models to execute arbitrary JavaScript in the browsers of other users, including...

CVE-2020-10935

Zulip Server before 2.1.3 allows XSS via a Markdown link, with resultant account takeover...

EUVD-2025-124281

Malicious code in norma-europa-prettier-plugin-markdown-link npm...

EUVD-2017-1375

Malware in sbrugna...

EUVD-2020-3341

Malware in sbrugna...

EUVD-2022-6096

Malicious code in bioql PyPI...

CVE-2024-22891

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...

CVE-2022-40277

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before...

Exploit for Open Redirect in Nteract

Nteract PoC A Proof-Of-Concept for CVE-2024-22891 vulnerabilit...

PicUploader 安全漏洞

PicUploader is a graphic bed tool written in php by Bruce's personal developer. It helps you to quickly upload your images to a cloud image bed and automatically return a Markdown formatted link to the clipboard. PicUploader has a security vulnerability that stems from a cross-site scripting...

Remote Code Execution(RCE)

Nteract is vulnerable to Remote Code Execution RCE. The vulnerability is caused due to a lack of input validation in the Markdown link parsing functionality, allowing malicious actors to execute arbitrary code remotely...

Nteract Remote Code Execution vulnerability

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...

CVE-2024-22891

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...

CVE-2024-22891

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...

Remote code execution

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...

PT-2024-19599 · Interact · Interact

Name of the Vulnerable Software and Affected Versions: Nteract version 0.28.0 Description: The issue is related to a remote code execution RCE vulnerability via the Markdown link. Recommendations: For Nteract version 0.28.0, update to a version that fixes the remote code execution vulnerability...

CVE-2024-22891

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...

CVE-2024-22891

Nteract v.0.28.0 was discovered to contain a remote code execution RCE vulnerability via the Markdown link...