
9 matches found

Positive Technologies
added 2026/04/14 12:0 a.m., 2 views

PT-2026-32577

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an Eval Injection vulnerability in the Markdown rendering engine that allows any user capable of interacting with the AI chat interface to execute arbitrary JavaScript in the browsers of other users, including...

6.9 CVSS, 6.1 AI score, 0.00034 EPSS
Exploits 0, References 4

Debian CVE
added 2026/04/06 5:37 p.m., 1 views

CVE-2026-35166

Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. This vulnerability is fixed in...

5.4 CVSS, 5.3 AI score, 0.00012 EPSS
Exploits 0

ATTACKERKB
added 2026/02/06 9:12 p.m., 2 views

CVE-2026-25516

NiceGUI is a Python-based UI framework. The ui.markdown component uses the markdown2 library to convert markdown content to HTML, which is then rendered via innerHTML. By default, markdown2 allows raw HTML to pass through unchanged. This means that if an application renders user-controlled conten...

6.1 CVSS, 5.5 AI score, 0.00021 EPSS
Exploits 1, References 3, Affected Software 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2014-5042

Malware in sbrugna...

5.4 CVSS, 5.5 AI score, 0.00574 EPSS
Exploits 3, References 3

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2020-18775

Malware in sbrugna...

7.5 CVSS, 7.4 AI score, 0.00362 EPSS
Exploits 1, References 2

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-1268

Malicious code in bioql PyPI...

6.1 CVSS, 6.2 AI score, 0.00211 EPSS
Exploits 0, References 7

Positive Technologies
added 2025/04/17 12:0 a.m., 1 views

PT-2025-17245

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server version 3.16.1. Description: An improper neutralization of input issue was identified in GitHub Enterprise Server, allowing cross-site scripting in GitHub Markdown that used $$..$$ math blocks. Exploitation required acce...

8.6 CVSS, 6 AI score, 0.00377 EPSS
Exploits 0, References 13

RedhatCVE
added 2025/02/05 8:22 a.m., 5 views

CVE-2024-47610

InvenTree is an Open Source Inventory Management System. In affected versions of InvenTree it is possible for a registered user to store javascript in markdown notes fields, which are then displayed to other logged in users who visit the same page and executed. The vulnerability has been addresse...

7.3 CVSS, 6.3 AI score, 0.00637 EPSS
Exploits 0, References 1

Hacker One
added 2020/04/01 10:46 p.m., 90 views

GitLab: Stored XSS in markdown when redacting references

Summary: It's possible to inject arbitrary html into the markdown by abusing the ReferenceRedactorFilter. This is due to the data-original attribute allowing html encoded data to be stored, which is then extracted and used as the link content. If the original data already is html encoded then it...

0.4 AI score
Exploits 0