
    4 vulnerabilities

    CVE-2026-13140 (GCVE-0-2026-13140)

    Vulnerability from cvelistv5 – Published: 2026-06-24 11:12 – Updated: 2026-06-24 12:20
    Title
    Stored Cross-Site Scripting in Canarytokens.org
    Summary
    Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')
    Impacted products
    Vendor Product Version
    Thinkst Applied Research Canarytokens Affected: sha-4116b92cb , < f5aa5c4e (custom)
    Affected: 4116b92cb , < f5aa5c4e (git)
    Credits
    Arkadiusz Marta

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-13140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-24T12:19:58.505826Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-24T12:20:09.343Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Canarytokens",
              "vendor": "Thinkst Applied Research",
              "versions": [
                {
                  "lessThan": "f5aa5c4e",
                  "status": "affected",
                  "version": "sha-4116b92cb",
                  "versionType": "custom"
                },
                {
                  "lessThan": "f5aa5c4e",
                  "status": "affected",
                  "version": "4116b92cb",
                  "versionType": "git"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Arkadiusz Marta"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eStored Cross-Site Scripting in the exposed AWS API key store of\u0026nbsp;\u003cspan\u003eThinkst Applied Research Canarytokens.\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan\u003eAnonymous exploitation requires knowledge of a random identifier.\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cspan\u003e\u003cbr\u003e\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e.\u003cspan\u003e\u003c/span\u003e\u003c/div\u003e"
                }
              ],
              "value": "Stored Cross-Site Scripting in the exposed AWS API key store of\u00a0Thinkst Applied Research Canarytokens.\n\n\n\n\nAnonymous exploitation requires knowledge of a random identifier.\n\n\n\n\nThis issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 1.1,
                "baseSeverity": "LOW",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-24T11:12:17.073Z",
            "orgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
            "shortName": "ThinkstAppliedResearch"
          },
          "references": [
            {
              "url": "https://github.com/thinkst/canarytokens/security/advisories/GHSA-23pf-xjp2-48q6"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Pull the latest Docker image:\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003ccode\u003e$\u0026nbsp;docker pull thinkst/canarytokens:latest\u003c/code\u003e\u003c/div\u003e"
                }
              ],
              "value": "Pull the latest Docker image:\n\n\n$\u00a0docker pull thinkst/canarytokens:latest"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Stored Cross-Site Scripting in Canarytokens.org",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
        "assignerShortName": "ThinkstAppliedResearch",
        "cveId": "CVE-2026-13140",
        "datePublished": "2026-06-24T11:12:17.073Z",
        "dateReserved": "2026-06-24T08:36:28.448Z",
        "dateUpdated": "2026-06-24T12:20:09.343Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-12888 (GCVE-0-2026-12888)

    Vulnerability from cvelistv5 – Published: 2026-06-22 13:05 – Updated: 2026-06-22 15:42
    Title
    HTML injection in the Canarytoken Google Chat notification
    Summary
    An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content, including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90 before sha-8ab4dccd, from Git commit 4aef1db90 before 8ab4dccd.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Impacted products
    Vendor Product Version
    Thinkst Applied Research Canarytokens Affected: sha-4aef1db90 , < sha-8ab4dccd (custom)
    Affected: 4aef1db90 , < 8ab4dccd (git)
    Date Public
    2026-06-22 11:13
    Credits
    GitHub.com/geo-chen

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-12888",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T15:42:24.249954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T15:42:35.858Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Canarytokens",
              "vendor": "Thinkst Applied Research",
              "versions": [
                {
                  "lessThan": "sha-8ab4dccd",
                  "status": "affected",
                  "version": "sha-4aef1db90",
                  "versionType": "custom"
                },
                {
                  "lessThan": "8ab4dccd",
                  "status": "affected",
                  "version": "4aef1db90",
                  "versionType": "git"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "GitHub.com/geo-chen"
            }
          ],
          "datePublic": "2026-06-22T11:13:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An HTML injection vulnerability exists in the Google Chat webhook notification\u0026nbsp; sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links.\u003cdiv\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Canarytokens: from Docker tag sha-4aef1db90 before sha-8ab4dccd, from Git commit 4aef1db90 before 8ab4dccd.\u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "An HTML injection vulnerability exists in the Google Chat webhook notification\u00a0 sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links.\n\n\nThis issue affects Canarytokens: from Docker tag sha-4aef1db90 before sha-8ab4dccd, from Git commit 4aef1db90 before 8ab4dccd."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-113",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-113 Interface Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2,
                "baseSeverity": "LOW",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "NONE",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:P/AU:N/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T13:05:53.827Z",
            "orgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
            "shortName": "ThinkstAppliedResearch"
          },
          "references": [
            {
              "url": "https://github.com/thinkst/canarytokens/security/advisories/GHSA-vcfc-7466-8q65"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Pull the latest Docker image:\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003ccode\u003e$\u0026nbsp;docker pull thinkst/canarytokens:latest\u003c/code\u003e\u003c/div\u003e"
                }
              ],
              "value": "Pull the latest Docker image:\n\n\n$\u00a0docker pull thinkst/canarytokens:latest"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HTML injection in the Canarytoken Google Chat notification",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
        "assignerShortName": "ThinkstAppliedResearch",
        "cveId": "CVE-2026-12888",
        "datePublished": "2026-06-22T13:05:53.827Z",
        "dateReserved": "2026-06-22T10:56:11.962Z",
        "dateUpdated": "2026-06-22T15:42:35.858Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-11859 (GCVE-0-2026-11859)

    Vulnerability from cvelistv5 – Published: 2026-06-10 11:35 – Updated: 2026-06-10 14:38
    Title
    HTML injection in the Canarytoken links email
    Summary
    An HTML injection vulnerability exists in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation and Cross-Site Scripting (XSS) in email clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c0f3cf142 before sha-08c3f93d, from Git commit c0f3cf142 before 08c3f93d.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Impacted products
    Vendor Product Version
    Thinkst Applied Research Canarytokens Affected: sha-c0f3cf142 , < sha-08c3f93d (custom)
    Affected: c0f3cf142 , < 08c3f93d (git)
    Date Public
    2026-06-10 10:36
    Credits
    Arkadiusz Marta

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11859",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-10T14:35:29.304220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-10T14:38:21.778Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Canarytokens",
              "vendor": "Thinkst Applied Research",
              "versions": [
                {
                  "lessThan": "sha-08c3f93d",
                  "status": "affected",
                  "version": "sha-c0f3cf142",
                  "versionType": "custom"
                },
                {
                  "lessThan": "08c3f93d",
                  "status": "affected",
                  "version": "c0f3cf142",
                  "versionType": "git"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Arkadiusz Marta"
            }
          ],
          "datePublic": "2026-06-10T10:36:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An HTML injection vulnerability in the \"fetch links\" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails.\u003cdiv\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Canarytokens: from Docker tag sha-c0f3cf142 before sha-08c3f93d, from Git commit c0f3cf142 before 08c3f93d.\u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "An HTML injection vulnerability in the \"fetch links\" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails.\n\n\nThis issue affects Canarytokens: from Docker tag sha-c0f3cf142 before sha-08c3f93d, from Git commit c0f3cf142 before 08c3f93d."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-113",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-113 Interface Manipulation"
                }
              ]
            },
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 2,
                "baseSeverity": "LOW",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "NONE",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:P/AU:N/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T11:35:14.974Z",
            "orgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
            "shortName": "ThinkstAppliedResearch"
          },
          "references": [
            {
              "url": "https://github.com/thinkst/canarytokens/security/advisories/GHSA-55jf-cqr9-r7p4"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Pull the latest Docker image:\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003ccode\u003e$\u0026nbsp;docker pull thinkst/canarytokens:latest\u003c/code\u003e\u003c/div\u003e"
                }
              ],
              "value": "Pull the latest Docker image:\n\n\n$\u00a0docker pull thinkst/canarytokens:latest"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HTML injection in the Canarytoken links email",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
        "assignerShortName": "ThinkstAppliedResearch",
        "cveId": "CVE-2026-11859",
        "datePublished": "2026-06-10T11:35:14.974Z",
        "dateReserved": "2026-06-10T10:35:44.979Z",
        "dateUpdated": "2026-06-10T14:38:21.778Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10729 (GCVE-0-2026-10729)

    Vulnerability from cvelistv5 – Published: 2026-06-03 13:02 – Updated: 2026-06-03 15:44
    Title
    HTML injection in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens
    Summary
    An HTML injection vulnerability exists in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens in Thinkst Applied Research Canarytokens, enabling Interface Manipulation and Cross-Site Scripting (XSS) in email clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c42435e before sha-bfda4df, from Git commit c42435e before bfda4df.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    References
    Impacted products
    Vendor Product Version
    Thinkst Applied Research Canarytokens Affected: sha-c42435e , < sha-bfda4df (custom)
    Affected: c42435e , < bfda4df (git)
    Date Public
    2026-06-03 10:53
    Credits
    Gaurav Popalghat

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-03T15:44:44.272580Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T15:44:50.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Canarytokens",
              "vendor": "Thinkst Applied Research",
              "versions": [
                {
                  "lessThan": "sha-bfda4df",
                  "status": "affected",
                  "version": "sha-c42435e",
                  "versionType": "custom"
                },
                {
                  "lessThan": "bfda4df",
                  "status": "affected",
                  "version": "c42435e",
                  "versionType": "git"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gaurav Popalghat"
            }
          ],
          "datePublic": "2026-06-03T10:53:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An HTML injection vulnerability in the notification email for \"Slow Redirect\" and \"Cloned Website\" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails.\u003cdiv\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Canarytokens: from Docker tag sha-c42435e before sha-bfda4df, from Git commit c42435e before bfda4df.\u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "An HTML injection vulnerability in the notification email for \"Slow Redirect\" and \"Cloned Website\" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails.\n\n\nThis issue affects Canarytokens: from Docker tag sha-c42435e before sha-bfda4df, from Git commit c42435e before bfda4df."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-113",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-113 Interface Manipulation"
                }
              ]
            },
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 1.2,
                "baseSeverity": "LOW",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "NONE",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:P/AU:N/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-03T13:02:15.195Z",
            "orgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
            "shortName": "ThinkstAppliedResearch"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/thinkst/canarytokens/security/advisories/GHSA-hmjv-pj8j-8fg7"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Pull the latest Docker image:\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003ccode\u003e$\u0026nbsp;docker pull thinkst/canarytokens:latest\u003c/code\u003e\u003c/div\u003e"
                }
              ],
              "value": "Pull the latest Docker image:\n\n\n$\u00a0docker pull thinkst/canarytokens:latest"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "HTML injection in the notification email for \"Slow Redirect\" and \"Cloned Website\" Canarytokens",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0f2be0ad-3469-4e56-b38f-4eb96719b425",
        "assignerShortName": "ThinkstAppliedResearch",
        "cveId": "CVE-2026-10729",
        "datePublished": "2026-06-03T13:02:15.195Z",
        "dateReserved": "2026-06-03T10:21:12.713Z",
        "dateUpdated": "2026-06-03T15:44:50.812Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }