CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

Veracode•added 2026/05/16 5:25 a.m.•5 views

Out-of-bounds Read

github.com/gomarkdown/markdown is vulnerable to an Out-of-Bounds Read. The vulnerability is due to improper handling of malformed Markdown input containing a character when processed by the SmartypantsRenderer, which allows an attacker to trigger an out-of-bounds read or cause the application to...

7.5CVSS5.9AI score0.00346EPSS

Exploits1References2Affected Software1

NVD•added 2026/04/21 8:17 p.m.•5 views

CVE-2026-40890

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of Bounds read or a panic. This vulnerability is fixed with...

7.5CVSS0.00346EPSS

Exploits1References2

Cvelist•added 2026/04/21 7:51 p.m.•34 views

CVE-2026-40890 github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer

7.5CVSS0.00346EPSS

Exploits1References2

Debian CVE•added 2026/04/21 7:51 p.m.•4 views

CVE-2026-40890

7.5CVSS5.3AI score0.00346EPSS

Exploits1

Vulnrichment•added 2026/04/21 7:51 p.m.•2 views

CVE-2026-40890 github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer

7.5CVSS5.8AI score0.00346EPSS

Exploits1References2

AlpineLinux•added 2026/04/21 7:51 p.m.•3 views

CVE-2026-40890

7.5CVSS5.3AI score0.00346EPSS

Exploits1References2

CVE•added 2026/04/21 7:51 p.m.•13 views

CVE-2026-40890

CVE-2026-40890 affects github.com/gomarkdown/markdown. A malformed input containing a '' read by the SmartypantsRenderer can trigger an out-of-bounds read or a panic. The vulnerability is fixed in commit 759bbc3e32073c3bc4e25969c132fc520eda2778. Connected advisories confirm the same description a...

7.5CVSS5.7AI score0.00346EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2026/04/14 10:38 p.m.•7 views

Go Markdown has an Out-of-bounds Read in SmartypantsRenderer

Summary Processing a malformed input containing a character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of Bounds read or a panic. Details The smartLeftAngle function in html/smartypants.go:367-376 performs an out-of-bounds slice operation when processing a characte...

7.5CVSS5.8AI score0.00346EPSS

Exploits1References4Affected Software1

OSV•added 2026/04/14 10:38 p.m.•2 views

GHSA-77FJ-VX54-GVH7 Go Markdown has an Out-of-bounds Read in SmartypantsRenderer

7.5CVSS5.8AI score0.00346EPSS

Exploits1References4

Positive Technologies•added 2026/04/14 12:0 a.m.•5 views

PT-2026-33236

Name of the Vulnerable Software and Affected Versions github.com/gomarkdown/markdown affected versions not specified Description Processing malformed input containing a character anywhere in the remaining text using a SmartypantsRenderer can lead to an Out of Bounds read or a panic. This occurs...

7.5CVSS5.2AI score0.00346EPSS

Exploits1References7

RedhatCVE•added 2026/02/18 7:30 p.m.•3 views

CVE-2024-31118

Missing Authorization vulnerability in Smartypants SP Project & Document Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SP Project & Document Manager: from n/a through 4.70...

6.5CVSS5.5AI score0.00158EPSS

Exploits0References1

NVD•added 2026/02/17 3:16 p.m.•5 views

CVE-2024-31118

6.5CVSS0.00158EPSS

Exploits0References1

Positive Technologies•added 2026/02/17 12:0 a.m.•7 views

PT-2026-20211

Name of the Vulnerable Software and Affected Versions Smartypants SP Project & Document Manager versions through 4.70 Description An authorization issue exists in Smartypants SP Project & Document Manager. The issue involves incorrectly configured access control security levels, potentially...

6.5CVSS5.4AI score0.00158EPSS

Exploits0References3