CVE-2026-44896 | lepture mistune up to 3.2.0 Python Markdown Parser image.py render_figure cross site scripting (GHSA-58cw-g322-p94v)

Inserito da Angelo Barbosa | Mag 26, 2026 | CVE

A vulnerability has been found in lepture mistune up to 3.2.0 and classified as problematic. The impacted element is the function render_figure of the file src/mistune/directives/image.py of the component Python Markdown Parser. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-44896. The attack may be initiated remotely. There is no available exploit.

CVE-2026-44896 | lepture mistune up to 3.2.0 Python Markdown Parser image.py render_figure cross site scripting (GHSA-58cw-g322-p94v)

Post correlati

CVE-2024-2400 | Google Chrome prior 122.0.6261.128 Performance Manager use after free (Issue 327696)

CVE-2023-41542 | jeecg-boot 3.5.3 jmreport/qurestSql sql injection

CVE-2025-3609 | Reales WP STPT Plugin up to 2.1.2 on WordPress User Registration reales_user_signup_form improper authorization

CVE-2024-11636 | Icegram Express Email Subscribers Plugin up to 5.7.44 on WordPress Text Block Option cross site scripting