| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40890 | github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer | gomarkdown | markdown | High | 7.5 | 2026-04-21 19:51:53 | Deep Dive |
| CVE-2026-2327 | Markdown-It 安全漏洞 | - | markdown-it | Medium | 5.3 | 2026-02-12 05:00:07 | Deep Dive |
| CVE-2021-47836 | Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting | jersou | Markdown Explorer | Medium | 6.1 | 2026-01-16 19:09:36 | Deep Dive |
| CVE-2023-53940 | Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File | Alfonzm | Codigo Markdown Editor | High | 7.8 | 2025-12-18 19:57:45 | Deep Dive |
| CVE-2025-42873 | Denial of Service (DoS) in SAPUI5 framework (Markdown-it component) | SAP_SE | SAPUI5 framework (Markdown-it component) | Medium | 5.9 | 2025-12-09 02:14:07 | Deep Dive |
| CVE-2025-59940 | mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders | mondeja | mkdocs-include-markdown-plugin | Medium | 6.5 | 2025-09-29 22:27:30 | Deep Dive |
| CVE-2025-10180 | Markdown Shortcode <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | jhoppe | Markdown Shortcode | Medium | 6.4 | 2025-09-26 06:43:29 | Deep Dive |
| CVE-2025-9540 | Markup Markdown < 3.20.10 - Contributor+ Stored XSS | Unknown | Markup Markdown | - | - | 2025-09-22 06:00:15 | Deep Dive |
| CVE-2025-9541 | Markup Markdown < 3.20.10 - Contributor+ Stored XSS | Unknown | Markup Markdown | - | - | 2025-09-22 06:00:15 | Deep Dive |
| CVE-2025-7969 | Markdown-it 14.1.0 - Cross-site scripting (XSS) | markdown-it | markdown-it | 中危 | - | 2025-08-21 16:40:06 | Deep Dive |
| CVE-2025-46558 | org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content | xwiki-contrib | syntax-markdown | Critical | 9.0 | 2025-04-30 18:27:31 | Deep Dive |
| CVE-2025-46445 | WordPress External Markdown plugin <= 0.0.1 - Cross Site Scripting (XSS) Vulnerability | pReya | External Markdown | Medium | 6.5 | 2025-04-24 16:09:06 | Deep Dive |
| CVE-2025-31035 | WordPress WP Editor.md – The Perfect Markdown Editor plugin <= 10.2.1 - Cross Site Scripting (XSS) Vulnerability | Benjamin Chris | WP Editor.md – The Perfect WordPress Markdown Editor | Medium | 5.9 | 2025-04-09 16:10:12 | Deep Dive |
| CVE-2024-21535 | markdown-to-jsx 安全漏洞 | - | markdown-to-jsx | Medium | 6.1 | 2024-10-15 05:00:04 | Deep Dive |
| CVE-2024-7739 | yzane vscode-markdown-pdf cross site scripting | yzane | vscode-markdown-pdf | Medium | 4.3 | 2024-08-13 19:00:11 | Deep Dive |
| CVE-2024-7738 | yzane vscode-markdown-pdf Markdown File pathname traversal | yzane | vscode-markdown-pdf | Low | 3.3 | 2024-08-13 19:00:08 | Deep Dive |
| CVE-2023-42821 | github.com/gomarkdown/markdown Out-of-bounds Read while parsing citations | gomarkdown | markdown | High | 7.5 | 2023-09-22 16:55:33 | Deep Dive |
| CVE-2023-0835 | markdown-pdf 11.0.0 - Local File Read via Server Side XSS | - | markdown-pdf | 高危 | - | 2023-04-04 00:00:00 | Deep Dive |
| CVE-2023-1005 | JP1016 Markdown-Electron code injection | JP1016 | Markdown-Electron | Medium | 5.3 | 2023-02-24 08:00:18 | Deep Dive |
| CVE-2023-26303 | markdown-it-py crash on null assertions | Executable Books | markdown-it-py | Low | 3.3 | 2023-02-22 23:44:41 | Deep Dive |