11 matches found
CVE-2026-45665
Open WebUI contains a Stored XSS in the Banner component due to incorrect sanitization order (DOMPurify before marked.parse). The vulnerability allows a compromised administrator to store a payload in the global banner that is rendered for all users, including the Super Admin, enabling privilege ...
CVE-2026-41680
A flaw was found in marked, a markdown parser and compiler. An unauthenticated attacker can exploit this Denial of Service DoS vulnerability by providing a specific 3-byte input sequence a tab, a vertical tab, and a newline. This input triggers an infinite recursion loop during parsing, leading t...
Malicious code in marked-as (npm)
This package is imitating the popular marked library. It contains a VBScript to extract a bundled PE payload, make it hidden, and execute it. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16c9c50d2f56b3edc3a26ddebf2c1da3ef628b3aa1c8da23bc2e5b0b2b157dea Any compute...
Inefficient Regular Expression Complexity in marked
Impact What kind of vulnerability is it? Denial of service. The regular expression inline.reflinkSearch may cause catastrophic backtracking against some strings. PoC is the following. javascript import as marked from 'marked'; console.logmarked.parsex: x \\; Who is impacted? Anyone who runs...
GHSA-5V2H-R2CX-5XGJ Inefficient Regular Expression Complexity in marked
Impact What kind of vulnerability is it? Denial of service. The regular expression inline.reflinkSearch may cause catastrophic backtracking against some strings. PoC is the following. javascript import as marked from 'marked'; console.logmarked.parsex: x \\; Who is impacted? Anyone who runs...
GHSA-RRRM-QJM4-V8HF Inefficient Regular Expression Complexity in marked
Impact What kind of vulnerability is it? Denial of service. The regular expression block.def may cause catastrophic backtracking against some strings. PoC is the following. javascript import as marked from "marked"; marked.parsex:$' '.repeat1500x $' '.repeat1500 x; Who is impacted? Anyone who run...
GHSA-32VW-R77C-GM67 Withdrawn Advisory: marked cross-site scripting vulnerability
Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set...
GHSA-XF5P-87CH-GXW2 Marked ReDoS due to email addresses being evaluated in quadratic time
Versions of marked from 0.3.14 until 0.6.2 are vulnerable to Regular Expression Denial of Service. Email addresses may be evaluated in quadratic time, allowing attackers to potentially crash the node process due to resource exhaustion. Recommendation Upgrade to version 0.6.2 or later...
GHSA-VFVF-MQQ8-RWQC Sanitization bypass using HTML Entities in marked
Affected versions of marked are susceptible to a cross-site scripting vulnerability in link components when sanitize:true is configured. Proof of Concept This flaw exists because link URIs containing HTML entities get processed in an abnormal manner. Any HTML Entities get parsed on a best-effort...
GHSA-7PX7-7XJX-HXM8 Marked vulnerable to XSS from data URIs
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser...
GHSA-HJCP-J389-59FF Regular Expression Denial of Service in marked
Versions 0.3.3 and earlier of marked are affected by a regular expression denial of service ReDoS vulnerability when passed inputs that reach the em inline rule. Recommendation Update to version 0.3.4 or later...