32 matches found
CVE-2026-54889
Improper Neutralization of Input During Web Page Generation XSS vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':todelta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':defaultconvertnode/3 in...
CVE-2026-53429
Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdexnative allows an attacker who controls a rendered document to cause a denial of service through unbounded native memory exhaustion. The native rendering code permanently leaks memory when rendering a docume...
CVE-2026-54888
Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...
CVE-2026-53428
Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through unbounded memory allocation. comraknif::lumisadapter::LumisAdapter::parsehighlightlines in native/comraknif/src/lumisadapter.rs eagerly expands a...
CVE-2026-53427
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-string forwarding render: fullinfostring: true are enabled, t...
CVE-2026-53426
Summary: CVE-2026-53426 affects the MDEx JSON parser. An attacker-controlled node_type in JSON fed to MDEx.parse_document/2 causes repeated String.to_atom/1 calls via Module.concat/1, creating permanent atoms and eventually exhausting the BEAM atom table. Consequence is unauthenticated denial-of-...
CVE-2026-53426 Atom-table exhaustion denial-of-service via JSON parse_document in MDEx
Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parsedocument/2 accepts a :json, json source. In lib/mdex.ex, the private jsontonode/1 function passes the attacker-controlled nodetype value to Module.concat/1, which calls...
EEF-CVE-2026-53426 Atom-table exhaustion denial-of-service via JSON parse_document in MDEx
Summary Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parse\document/2 accepts a :json, json source. In lib/mdex.ex, the private json\to\node/1 function passes the attacker-controlled node\type value to Module.concat/1, whic...
CVE-2026-54889
Improper Neutralization of Input During Web Page Generation XSS vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':todelta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':defaultconvertnode/3 in...
EEF-CVE-2026-54889 Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)
Summary Improper Neutralization of Input During Web Page Generation XSS vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':to\delta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':default\convert\node/3...
CVE-2026-54888
The CVE-2026-54888 issue is a denial-of-service in mdex/mdex_native caused by uncontrolled recursion when converting Markdown to an AST across a NIF boundary. The root cause is missing maximum nesting depth in two mutual Rust functions (ex_document_to_comrak_ast and comrak_ast_to_ex_document), al...
CVE-2026-54888
Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...
EEF-CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex
Summary Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, ex\document\to\comrak\ast and...
CVE-2026-53429 Unbounded native memory leak in mdex escaped-tag rendering enables unauthenticated denial of service
Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdexnative allows an attacker who controls a rendered document to cause a denial of service through unbounded native memory exhaustion. The native rendering code permanently leaks memory when rendering a docume...
CVE-2026-53429 Unbounded native memory leak in mdex escaped-tag rendering enables unauthenticated denial of service
Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdexnative allows an attacker who controls a rendered document to cause a denial of service through unbounded native memory exhaustion. The native rendering code permanently leaks memory when rendering a docume...
CVE-2026-53429
Affected software: mdex (0.11.0–0.12.3) and mdex_native (0.1.0–0.2.3). Root cause: native rendering path leaks memory by Box::leak of literal strings for each MDEx.EscapedTag node, with no cap on literal size or node count, causing unbounded memory growth per render and across renders. Trigger: r...
EEF-CVE-2026-53429 Unbounded native memory leak in mdex escaped-tag rendering enables unauthenticated denial of service
Summary Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdex\native allows an attacker who controls a rendered document to cause a denial of service through unbounded native memory exhaustion. The native rendering code permanently leaks memory when rendering...
CVE-2026-53428 Unbounded memory allocation in highlight_lines range expansion in mdex
Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through unbounded memory allocation. comraknif::lumisadapter::LumisAdapter::parsehighlightlines in native/comraknif/src/lumisadapter.rs eagerly expands a...
CVE-2026-53428 Unbounded memory allocation in highlight_lines range expansion in mdex
Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through unbounded memory allocation. comraknif::lumisadapter::LumisAdapter::parsehighlightlines in native/comraknif/src/lumisadapter.rs eagerly expands a...
CVE-2026-53428
Summary: The CVE describes an unbounded memory allocation in the mdex/native codepath when parsing a user-supplied highlight_lines range in Markdown code blocks, enabling a denial-of-service via memory exhaustion. The affected components are mdex (v0.11.0 before 0.12.3) and mdex_native (v0.1.0 be...