Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44899 |
|
Cross-Site Scripting (XSS) in mistune (CVE-2026-44899)
cross-site scripting in mistune (CVE-2026-44899). Risk of unauthorized operations or information disclosure. Exploitable via ``outline``. Mitigation: upgrade to `3.2.1` or later.
|
| CVE-2026-44898 |
|
Cross-Site Scripting (XSS) in mistune (CVE-2026-44898)
cross-site scripting in mistune (CVE-2026-44898). Risk of unauthorized operations or information disclosure. Exploitable via ``text``. Mitigation: upgrade to `3.2.1` or later.
|
| CVE-2026-44897 |
|
Cross-Site Scripting (XSS) in mistune (CVE-2026-44897)
cross-site scripting in mistune (CVE-2026-44897). Risk of unauthorized operations or information disclosure. Exploitable via ``toc_1``. Mitigation: upgrade to `3.2.1` or later.
|
| CVE-2026-44896 |
|
Cross-Site Scripting (XSS) in mistune (CVE-2026-44896)
cross-site scripting in mistune (CVE-2026-44896). Risk of unauthorized operations or information disclosure. Exploitable via ``figclass``. Mitigation: upgrade to `3.2.1` or later.
|
| CVE-2026-44708 |
|
Cross-Site Scripting (XSS) in mistune (CVE-2026-44708)
cross-site scripting in mistune (CVE-2026-44708). Risk of unauthorized operations or information disclosure. Exploitable via ``_escape``.
|
| CVE-2017-15612 |
|
Cross-Site Scripting (XSS) in mistune-project (CVE-2017-15612)
cross-site scripting in mistune-project (CVE-2017-15612). Risk of unauthorized operations or information disclosure.
|