CVE-2026-40186 | apostrophe up to 4.28.x cross site scripting (GHSA-9mrh-v2v3-xpfm)

Inserito da Angelo Barbosa | Apr 16, 2026 | CVE

A vulnerability has been found in apostrophe up to 4.28.x and classified as problematic. This affects an unknown part. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-40186. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-40186 | apostrophe up to 4.28.x cross site scripting (GHSA-9mrh-v2v3-xpfm)

Post correlati

CVE-2025-20172 | Cisco IOS/IOS XR/IOS XE SNMP Subsystem denial of service (cisco-sa-snmp-dos-sdxnSUcW)

CVE-2024-1987 | WP-Members Membership Plugin up to 3.4.9.1 on WordPress Shortcode cross site scripting

CVE-2025-22214 | Landray EIS up to 2006 fi_message_receiver.aspx replyid sql injection

CVE-2024-34199 | TinyWeb up to 1.94 Request Line denial of service