Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-49851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately O...

8.7CVSS5.9AI score0.0035EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-44896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and earlier, in src/mistune/directives/image.py, the renderfigure function concatenates...

6.1CVSS5.6AI score0.00198EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44708

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math $...$ and block math $$...$$ by...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a reg...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-44897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id...

6.1CVSS6AI score0.00228EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2026/05/26 9:16 p.m.5 views

a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +702 more potentially affected by CVE-2026-44896 via mistune (>=0.7.3 <=3.2.0)

mistune PYPI version =0.7.3, =0.0.0, =0.0.18, =2.0.0.post1, =0.3.0, =1.0.0, =0.1.0, =1.3.4, =1.0.47, =1.0.66, =0.9.5, =0.21.2, =1.0.0, =1.1.2 and more Source cves: CVE-2026-44896 Source advisory: OSV:PYSEC-2026-168...

6.1CVSS5.7AI score0.00198EPSS
Exploits0
OSV
OSV
added 2026/05/26 9:16 p.m.6 views

UBUNTU-CVE-2026-44896

Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and earlier, in src/mistune/directives/image.py, the renderfigure function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when...

6.1CVSS5.2AI score0.00198EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:33 p.m.8 views

CVE-2026-44896

Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and earlier, in src/mistune/directives/image.py, the renderfigure function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when...

6.1CVSS5.4AI score0.00198EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the mathematical plugin not properly escaping HTML when rendering inline and block-level mathematic...

6.1CVSS5.7AI score0.00228EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/05/14 4:36 p.m.12 views

fittrackee (>=1.2.0 <=1.3.0b3), mein-et-projekt (=0.1.0) +2 more potentially affected by CVE-2026-44899 via mistune (=3.2.0)

mistune PYPI version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on mistune and may be impacted: - fittrackee =1.2.0, =2.19.0, =2.20.4 - uniovi-simur-wearablepermed-pipeline-step-counting =1.2.3 Source cves: CVE-2026-44899 Source advisory:...

6.1CVSS5.8AI score0.00228EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/14 4:36 p.m.6 views

a-mailx (=0.1.0), ai-shell (>=0.1.0 <=1.0.4) +137 more potentially affected by CVE-2026-44898 via mistune (>=3.0.0 <=3.2.0)

mistune PYPI version =3.0.0, =0.1.0, =0.9.5, =3.0.0, =3.2.1b1, =1.0.1, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.0.2, =1.0.0.1, =0.0.1, =0.0.5 and more Source cves: CVE-2026-44898 Source advisory: SNYK:PYTHON-MISTUNE-16697348...

6.1CVSS5.7AI score0.00228EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/09 12:13 a.m.5 views

a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +702 more potentially affected by CVE-2026-44897 via mistune (>=0.7.3 <=3.2.0)

mistune PYPI version =0.7.3, =0.0.0, =0.0.18, =2.0.0.post1, =0.3.0, =1.0.0, =0.1.0, =1.3.4, =1.0.47, =1.0.66, =0.9.5, =0.21.2, =1.0.0, =1.1.2 and more Source cves: CVE-2026-44897 Source advisory: OSV:GHSA-V87V-83H2-53W7...

6.1CVSS5.7AI score0.00228EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/08 11:43 p.m.7 views

a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +702 more potentially affected by CVE-2026-44896 via mistune (>=0.7.3 <=3.2.0)

mistune PYPI version =0.7.3, =0.0.0, =0.0.18, =2.0.0.post1, =0.3.0, =1.0.0, =0.1.0, =1.3.4, =1.0.47, =1.0.66, =0.9.5, =0.21.2, =1.0.0, =1.1.2 and more Source cves: CVE-2026-44896 Source advisory: OSV:GHSA-58CW-G322-P94V...

6.1CVSS5.7AI score0.00198EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/08 11:40 p.m.8 views

a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +702 more potentially affected by CVE-2026-44708 via mistune (>=0.7.3 <=3.2.0)

mistune PYPI version =0.7.3, =0.0.0, =0.0.18, =2.0.0.post1, =0.3.0, =1.0.0, =0.1.0, =1.3.4, =1.0.47, =1.0.66, =0.9.5, =0.21.2, =1.0.0, =1.1.2 and more Source cves: CVE-2026-44708 Source advisory: OSV:GHSA-8G87-J6Q8-G93X...

6.1CVSS5.7AI score0.00228EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/08 11:40 p.m.7 views

a-mailx (=0.1.0), ai-shell (>=0.1.0 <=1.0.4) +136 more potentially affected by CVE-2026-44708 via mistune (>=3.0.0rc5 <=3.2.0)

mistune PYPI version =3.0.0rc5, =0.1.0, =0.9.5, =3.0.0, =3.2.1b1, =1.0.1, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.0.2, =1.0.0.1, =0.0.1, =0.0.5 and more Source cves: CVE-2026-44708 Source advisory: SNYK:PYTHON-MISTUNE-16624508...

6.1CVSS5.7AI score0.00228EPSS
Exploits1
OSV
OSV
added 2026/05/06 6:16 p.m.7 views

DEBIAN-CVE-2026-33079

In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...

8.7CVSS5.8AI score0.00481EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 6:16 p.m.18 views

CVE-2026-33079

In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...

8.7CVSS0.00481EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/06 6:16 p.m.17 views

CVE-2026-33079

In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...

8.7CVSS5.8AI score0.00481EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/06 4:52 p.m.7 views

a-mailx (=0.1.0), ai-shell (>=0.1.0 <=1.0.4) +136 more potentially affected by CVE-2026-33079 +1 more via mistune (>=3.0.0rc5 <=3.2.0)

mistune PYPI version =3.0.0rc5, =0.1.0, =0.9.5, =3.0.0, =3.2.1b1, =1.0.1, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.0.2, =1.0.0.1, =0.0.1, =0.0.5 and more Source cves: CVE-2026-33079, CVE-2026-33441 Source advisory: SNYK:PYTHON-MISTUNE-16438944...

8.7CVSS5.7AI score0.00481EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 4:52 p.m.7 views

a-mailx (=0.1.0), ai-shell (>=0.1.0 <=1.0.4) +136 more potentially affected by CVE-2026-33079 via mistune (>=3.0.0rc5 <=3.2.0)

mistune PYPI version =3.0.0rc5, =0.1.0, =0.9.5, =3.0.0, =3.2.1b1, =1.0.1, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.0.2, =1.0.0.1, =0.0.1, =0.0.5 and more Source cves: CVE-2026-33079 Source advisory: OSV:GHSA-8MP2-V27R-99XP...

8.7CVSS5.7AI score0.00481EPSS
Exploits0
Rows per page
Query Builder