CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Positive Technologies•added 2026/04/13 12:0 a.m.•2 views

PT-2026-32424

Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being...

6.1CVSS5.7AI score0.00011EPSS

Exploits0References6

NVD•added 2026/04/08 2:16 a.m.•0 views

CVE-2026-32289

6.1CVSS0.00011EPSS

Exploits0References4

OSV•added 2026/04/08 2:16 a.m.•1 views

UBUNTU-CVE-2026-32289

6.1CVSS5.8AI score0.00011EPSS

Exploits0References6

EUVD•added 2026/04/08 1:6 a.m.•2 views

EUVD-2026-20018

5.9AI score0.00011EPSS

Exploits0References4

CVE•added 2026/04/08 1:6 a.m.•13 views

CVE-2026-32289

CVE-2026-32289 is a documented issue where html/template failed to correctly track JS template literal context, risking improper escaping and potential XSS. Portable across Go toolchains, it was addressed by the Go project in updates to go1.25.9 and go1.26.2, and these fixes are reflected in SUSE...

6.1CVSS5.9AI score0.00011EPSS

Exploits0References4Affected Software1

AlpineLinux•added 2026/04/08 1:6 a.m.•1 views

CVE-2026-32289

6.1CVSS5.7AI score0.00011EPSS

Exploits0

Positive Technologies•added 2026/04/07 12:0 a.m.•1 views

PT-2026-31066

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description Improper tracking of context across template branches within JavaScript template literals could lead to incorrect content escaping when branches are used. Additionally, template actions inside these literals d...

10CVSS5.7AI score0.00158EPSS

Exploits13References186

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by