11 matches found
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service (CVE-2026-2327)
Summary: Node.js module markdown-it is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to regular expression denial of service (ReDoS). This bulletin provides...
CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
Security Bulletin: Astronomer with IBM is vulnerable to cross-site scripting due to the markdown-it package (CVE-2025-7969)
Summary: Markdown-it is used by Astronomer with IBM as part of markdown parsing functionality. Vulnerability Details: CVEID: CVE-2025-7969 DESCRIPTION: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting...
Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025.
Summary: Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF005 and 25.0.0-IF002. These vulnerabilities have also been addressed in 24.0.1-IF005. Vulnerability Details: CVEID: CVE-2025-36091 DESCRIPTION: IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and...
EUVD-2015-3342
Malware in sbrugna...
EUVD-2022-7658
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-21670
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characters could slow down the parser...
Markdown-It Security Vulnerability
Markdown-It is a Markdown parser from the Markdown it! open source project. A security vulnerability exists in Markdown-It version 14.1.0 that stems from improper input neutralization and could lead to cross-site scripting...
Regular Expression Denial Of Service (ReDoS)
markdown-it is vulnerable to regular expression denial of service (DoS) attacks. A malicious user is able to pass a crafted regex statement through the replace function in lib/common/htmlre.js, causing an application crash due to inefficient regular expression complexity...
CVE-2015-3295
markdown-it before 4.1.0 does not block data: URLs...
markdown-it and NodeBB HTML Injection Vulnerabilities
markdown-it is a parser product. NodeBB is a forum system developed by the Design Create Play team and built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. An HTML injection vulnerability exists in markdown-it versions prior to 4.1.0 and NodeBB versions...