CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-32774

Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through comments to execute arbitrary JavaScript in victims' browsers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.8%

CVSS Severity

CVSS v3 Score 6.4

References

https://github.com/Vulnogram/Vulnogram
https://github.com/Vulnogram/Vulnogram/security/advisories/GHSA-pg4p-2985-gvxr
https://www.vulncheck.com/advisories/vulnogram-stored-cross-site-scripting-via-comment-hypertext
https://github.com/Vulnogram/Vulnogram/commit/2f0e21b113c58124084c7b74c9768fc241126a05

Products affected by CVE-2026-32774

Vulnogram » Vulnogram » Version: 1.0.0

cpe:2.3:a:vulnogram:vulnogram:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-32774

Products

Pricing

Contact Us