3 matches found
CVE-2026-25516
NiceGUI is a Python-based UI framework. The ui.markdown component uses the markdown2 library to convert markdown content to HTML, which is then rendered via innerHTML. By default, markdown2 allows raw HTML to pass through unchanged. This means that if an application renders user-controlled conten...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2026-25516 via nicegui (>=0.9.11 <=3.6.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2026-25516 Source advisory: OSV:GHSA-V82V-C5X8-W282...
CVE-2026-25516
creationtimestamp| type| source ---|---|--- 2026-02-05 11:12:26+00:00| published-proof-of-concept| https://github.com/zauberzeug/nicegui/security/advisories/GHSA-v82v-c5x8-w282...