Lucene search
K

85 matches found

NVD
NVD
added 2026/06/24 6:17 p.m.16 views

CVE-2026-49851

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...

8.7CVSS0.0035EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 6:17 p.m.3 views

UBUNTU-CVE-2026-49851

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...

8.7CVSS5.9AI score0.0035EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52033

Name of the Vulnerable Software and Affected Versions Mistune versions prior to 3.3.0 Description A CPU exhaustion Denial of Service DoS occurs due to superlinear approximately On² behavior in the parse link text function. When processing Markdown containing numerous consecutive characters, the...

8.7CVSS5.8AI score0.0035EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

Oracle Linux 9 : python-markdown (ELSA-2026-19366)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-19366 advisory. 3.3.4-4.2 - Fix CVE-2025-69534 RHEL-153747 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

8.2CVSS7.4AI score0.00566EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.13 views

python-markdown security update

An update is available for python-markdown. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

8.2CVSS5.8AI score0.00566EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

RockyLinux 10 : python-markdown (RLSA-2026:19155)

The remote RockyLinux 10 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:19155 advisory. python-markdown: denial of service via malformed HTML-like sequences CVE-2025-69534 Tenable has extracted the preceding description block directly from the...

8.2CVSS5.8AI score0.00566EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2026/05/28 3:43 p.m.11 views

python-markdown security update

An update is available for python-markdown. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

8.2CVSS7.3AI score0.00566EPSS
Exploits1
OSV
OSV
added 2026/05/28 3:43 p.m.11 views

RLSA-2026:19366 Important: python-markdown security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.2CVSS5.8AI score0.00566EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.10 views

RockyLinux 9 : python-markdown (RLSA-2026:19366)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:19366 advisory. python-markdown: denial of service via malformed HTML-like sequences CVE-2025-69534 Tenable has extracted the preceding description block directly from the...

8.2CVSS5.8AI score0.00566EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

RHEL 9 : python-markdown (RHSA-2026:20674)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:20674 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

8.2CVSS5.9AI score0.00566EPSS
Exploits1References4
OSV
OSV
added 2026/05/26 9:16 p.m.8 views

DEBIAN-CVE-2026-44708

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math $...$ and block math $$...$$ by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References1
OSV
OSV
added 2026/05/26 9:16 p.m.5 views

UBUNTU-CVE-2026-44897

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, HTMLRenderer.heading builds the opening tag by string-concatenating the id attribute value directly into the HTML — with no call to escape, safeentity, or any other sanitisation function. A double-quote character " in...

6.1CVSS6AI score0.00228EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/26 8:41 p.m.16 views

EUVD-2026-31995

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

6.1CVSS5.9AI score0.00228EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:41 p.m.8 views

CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

6.1CVSS5.9AI score0.00228EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/26 8:41 p.m.9 views

CVE-2026-44898 Mistune TOC Anchor Injection XSS

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

6.1CVSS5.9AI score0.00228EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/05/26 8:41 p.m.7 views

CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

6.1CVSS5.9AI score0.00228EPSS
Exploits1
EUVD
EUVD
added 2026/05/26 8:39 p.m.15 views

EUVD-2026-31993

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math $...$ and block math $$...$$ by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References2
OSV
OSV
added 2026/05/26 10:7 a.m.10 views

RHSA-2026:20677 Red Hat Security Advisory: python-markdown security update

Bulletin has no description...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References10
OSV
OSV
added 2026/05/26 10:7 a.m.15 views

RHSA-2026:20676 Red Hat Security Advisory: python-markdown security update

Bulletin has no description...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References10
OSV
OSV
added 2026/05/26 10:7 a.m.11 views

RHSA-2026:20674 Red Hat Security Advisory: python-markdown security update

Bulletin has no description...

8.2CVSS7.2AI score0.00566EPSS
Exploits1References10
Rows per page
Query Builder