Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    Related vulnerabilities

    CVE-2026-59930 (GCVE-0-2026-59930)

    Vulnerability from cvelistv5 – Published: 2026-07-08 16:13 – Updated: 2026-07-09 13:54
    VLAI
    Title
    Mistune toc / TableOfContents directive: heading IDs use predictable `toc_N` numbering with no slugification, allowing collision with attacker-controlled `id="toc_N"` content
    Summary
    Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled id="toc_N" content to collide with generated anchors and redirect same-page navigation, CSS selectors, or JavaScript handlers. This issue is fixed in version 3.3.0.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-345 - Insufficient Verification of Data Authenticity
    • CWE-1284 - Improper Validation of Specified Quantity in Input
    Assigner
    Impacted products
    Vendor Product Version
    lepture mistune Affected: < 3.3.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-59930",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-09T13:53:53.247241Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T13:54:33.627Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/lepture/mistune/security/advisories/GHSA-2hm2-hc3v-44h9"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "mistune",
              "vendor": "lepture",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.3.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled id=\"toc_N\" content to collide with generated anchors and redirect same-page navigation, CSS selectors, or JavaScript handlers. This issue is fixed in version 3.3.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-345",
                  "description": "CWE-345: Insufficient Verification of Data Authenticity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1284",
                  "description": "CWE-1284: Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T16:13:21.999Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/lepture/mistune/security/advisories/GHSA-2hm2-hc3v-44h9",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/lepture/mistune/security/advisories/GHSA-2hm2-hc3v-44h9"
            },
            {
              "name": "https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b"
            },
            {
              "name": "https://github.com/lepture/mistune/releases/tag/v3.3.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lepture/mistune/releases/tag/v3.3.0"
            }
          ],
          "source": {
            "advisory": "GHSA-2hm2-hc3v-44h9",
            "discovery": "UNKNOWN"
          },
          "title": "Mistune toc / TableOfContents directive: heading IDs use predictable `toc_N` numbering with no slugification, allowing collision with attacker-controlled `id=\"toc_N\"` content"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-59930",
        "datePublished": "2026-07-08T16:13:21.999Z",
        "dateReserved": "2026-07-07T18:20:06.126Z",
        "dateUpdated": "2026-07-09T13:54:33.627Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    PYSEC-2026-2218

    Vulnerability from pysec - Published: 2026-07-08 17:17 - Updated: 2026-07-13 05:49
    VLAI
    Details

    Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled id="toc_N" content to collide with generated anchors and redirect same-page navigation, CSS selectors, or JavaScript handlers. This issue is fixed in version 3.3.0.

    Impacted products
    Name purl
    mistune pkg:pypi/mistune

    {
      "affected": [
        {
          "ecosystem_specific": {},
          "package": {
            "ecosystem": "PyPI",
            "name": "mistune",
            "purl": "pkg:pypi/mistune"
          },
          "ranges": [
            {
              "events": [
                {
                  "introduced": "0"
                },
                {
                  "fixed": "3.3.0"
                }
              ],
              "type": "ECOSYSTEM"
            }
          ],
          "versions": [
            "0.1.0",
            "0.2.0",
            "0.3.0",
            "0.3.1",
            "0.4",
            "0.4.1",
            "0.5",
            "0.5.1",
            "0.6",
            "0.7",
            "0.7.1",
            "0.7.2",
            "0.7.3",
            "0.7.4",
            "0.8",
            "0.8.1",
            "0.8.2",
            "0.8.3",
            "0.8.4",
            "2.0.0",
            "2.0.0a1",
            "2.0.0a2",
            "2.0.0a3",
            "2.0.0a4",
            "2.0.0a5",
            "2.0.0a6",
            "2.0.0rc1",
            "2.0.1",
            "2.0.2",
            "2.0.3",
            "2.0.4",
            "2.0.5",
            "2.1.0",
            "3.0.0",
            "3.0.0a1",
            "3.0.0a2",
            "3.0.0a3",
            "3.0.0rc1",
            "3.0.0rc2",
            "3.0.0rc3",
            "3.0.0rc4",
            "3.0.0rc5",
            "3.0.1",
            "3.0.2",
            "3.1.0",
            "3.1.1",
            "3.1.2",
            "3.1.3",
            "3.1.4",
            "3.2.0",
            "3.2.1"
          ]
        }
      ],
      "aliases": [
        "CVE-2026-59930",
        "GHSA-2hm2-hc3v-44h9"
      ],
      "details": "Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled id=\"toc_N\" content to collide with generated anchors and redirect same-page navigation, CSS selectors, or JavaScript handlers. This issue is fixed in version 3.3.0.",
      "id": "PYSEC-2026-2218",
      "modified": "2026-07-13T05:49:58.084406Z",
      "published": "2026-07-08T17:17:28.867Z",
      "references": [
        {
          "type": "ADVISORY",
          "url": "https://github.com/lepture/mistune/releases/tag/v3.3.0"
        },
        {
          "type": "FIX",
          "url": "https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b"
        },
        {
          "type": "EVIDENCE",
          "url": "https://github.com/lepture/mistune/security/advisories/GHSA-2hm2-hc3v-44h9"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "type": "CVSS_V3"
        }
      ]
    }