CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

204 matches found

IBM Security Bulletins•added 2025/11/28 7:14 p.m.•4 views

Security Bulletin: Astronomer with IBM is vulnerable to cross-site scripting due to the markdown-it package (CVE-2025-7969)

Summary Markdown-it is used by Astronomer with IBM as part of markdown parsing functionality. Vulnerability Details CVEID:CVE-2025-7969 DESCRIPTION: Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting...

6.9CVSS5.9AI score0.00229EPSS

Exploits1Affected Software1

EUVD•added 2025/11/25 12:11 a.m.•4 views

EUVD-2025-199345

Malicious code in @accordproject/markdown-it-cicero npm...

Exploits0References4

OSV•added 2025/11/25 12:11 a.m.•3 views

MAL-2025-191176 Malicious code in @accordproject/markdown-it-cicero (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68f76b16c229965a1534ce9db1fbdd959d053d6d57cd731f81049448bbc6737f The package @accordproject/markdown-it-cicero was found to contain malicious code. Source: ghsa-malware...

Exploits0References4

IBM Security Bulletins•added 2025/11/03 10:14 p.m.•15 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF005 and 25.0.0-IF002. These vulnerabilities have been also addressed in 24.0.1-IF005. Vulnerability Details CVEID:CVE-2025-36091 DESCRIPTION: IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and...

9.1CVSS8.1AI score0.05006EPSS

Exploits7Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-3342

Malware in sbrugna...

5.3CVSS5.5AI score0.01287EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-7658

Malicious code in bioql PyPI...

7.5CVSS4.8AI score0.00946EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-6435

Malicious code in bioql PyPI...

7.3CVSS6.7AI score0.00496EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-0130

Malicious code in bioql PyPI...

5.5CVSS5.4AI score0.00225EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-6409

Malicious code in bioql PyPI...

7.3CVSS6.7AI score0.00496EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-25465

Malicious code in bioql PyPI...

6.9CVSS6.3AI score0.00229EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-0131

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00225EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-0966

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.01346EPSS

Exploits1References4

Tenable Nessus•added 2025/09/10 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2015-10005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/htmlre.js. The...

7.5CVSS5AI score0.00946EPSS

Exploits0References2

Tenable Nessus•added 2025/09/01 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-7969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This...

6.9CVSS6.6AI score0.00229EPSS

Exploits1References3

Tenable Nessus•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-21670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characterss could slow down the parser...

5.3CVSS6.4AI score0.02152EPSS

Exploits1References2

Tenable Nessus•added 2025/08/27 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2023-26302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as...

5.5CVSS5.6AI score0.00225EPSS

Exploits0References2

SUSE CVE•added 2025/08/21 11:24 p.m.•1 views

SUSE CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

6.9CVSS5AI score0.00229EPSS

Exploits1References3

OSV•added 2025/08/21 5:15 p.m.•4 views

CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

6.1CVSS5.8AI score

Exploits0References3

NVD•added 2025/08/21 5:15 p.m.•4 views

CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

6.9CVSS0.00229EPSS

Exploits1References3

OSV•added 2025/08/21 5:15 p.m.•1 views

DEBIAN-CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

6.1CVSS6.2AI score0.00229EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by