23 matches found
CVE-2026-13140
Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...
EUVD-2026-38736
Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...
CVE-2026-12888
An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90...
EUVD-2026-38240
An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90...
CVE-2026-11859
An HTML injection vulnerability in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in email clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c0f3cf142 before sha-08c3f93d, from G...
CVE-2026-10729 HTML injection in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens
An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in email clients that render HTML emails. This issue affects Canarytokens: fr...
CVE-2026-10729
The CVE-2026-10729 entry covers an HTML injection vulnerability in Thinkst Applied Research Canarytokens specifically in the notification email delivery. Affected component: Canarytokens notification emails that render HTML. Root cause described: HTML injection can enable Interface Manipulation a...
Canarytokens Cross-Site Scripting Vulnerability
Canarytokens is an open source web activity tracking system from Thinkst Applied Research. Previous versions of Canarytokens had a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of the title field in the PWA Canarytoken, which could lead to cross-site scripting...
PT-2025-53683
I was credited for discovering and responsibly disclosing CVE-2025-67797 TC-2025-01 affecting Thinkst Canary. The issue is a relative path traversal vulnerability in the Canary HTTP Web Server specific webskins only https://t.co/Q7p1Er1eJI @thinkst CVE CyberSecurity 🇹🇿 https://t.co/TXxlliE7A2...
Canarytokens Security Vulnerability
Canarytokens is an open source web activity tracking system from Thinkst Applied Research. A security vulnerability exists in Canarytokens that stems from a server-side request forgery vulnerability that was discovered in the Webhook alert feature...
Thinkst Canarytokens Security Vulnerability
Thinkst Canarytokens is a web activity tracking system. A security vulnerability exists in versions of Thinkst Canarytokens prior to sha-c595a1f8; it stems from susceptibility to CSV injection attacks...
Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.
In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like dat...
Thinkst Canarytokens Cross-Site Scripting Vulnerability
Thinkst Canarytokens is a web activity tracking system. Thinkst Canarytokens has a cross-site scripting vulnerability that stems from the history page of a triggered canarytoken, which allows an attacker to carry out cross-site scripting...
Thinkst Canarytokens Cross-Site Scripting Vulnerability
Thinkst Canarytokens is a web activity tracking system. Thinkst Canarytokens has a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute JavaScript code...
Canarytokens 2019-03-01 - Detection Bypass Exploit
Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens Google Dork: N/A CVE: 2019-9768...
Canarytokens 2019-03-01 - Detection Bypass
Canarytokens 2019-03-01 - Detection Bypass Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Date: 20.03.2019 Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens...
Canarytokens 2019-03-01 Detection Bypass
Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Date: 20.03.2019 Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens Google Dork: N/A CVE: 2019-9768...
Canarytokens 2019-03-01 - Detection Bypass
Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Date: 20.03.2019 Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens Google Dork: N/A CVE: 2019-9768...
CVE-2019-9768
Thinkst Canarytokens through commit hash 4e89ee0 2019-03-01 relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token...