CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-44708

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math ($...$) and block math ($$...$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is explicitly created with escape=True, which is supposed to guarantee that all user-controlled text is sanitised before reaching the DOM. This vulnerability is fixed in 3.2.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.3%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2026-44708

Mistune Project » Mistune » Version: 0.1.0

cpe:2.3:a:mistune_project:mistune:0.1.0
Mistune Project » Mistune » Version: 0.2.0

cpe:2.3:a:mistune_project:mistune:0.2.0
Mistune Project » Mistune » Version: 0.3.0

cpe:2.3:a:mistune_project:mistune:0.3.0
Mistune Project » Mistune » Version: 0.3.1

cpe:2.3:a:mistune_project:mistune:0.3.1
Mistune Project » Mistune » Version: 0.4

cpe:2.3:a:mistune_project:mistune:0.4
Mistune Project » Mistune » Version: 0.4.1

cpe:2.3:a:mistune_project:mistune:0.4.1
Mistune Project » Mistune » Version: 0.5

cpe:2.3:a:mistune_project:mistune:0.5
Mistune Project » Mistune » Version: 0.5.1

cpe:2.3:a:mistune_project:mistune:0.5.1
Mistune Project » Mistune » Version: 0.6

cpe:2.3:a:mistune_project:mistune:0.6
Mistune Project » Mistune » Version: 0.7

cpe:2.3:a:mistune_project:mistune:0.7
Mistune Project » Mistune » Version: 0.7.1

cpe:2.3:a:mistune_project:mistune:0.7.1
Mistune Project » Mistune » Version: 0.7.2

cpe:2.3:a:mistune_project:mistune:0.7.2
Mistune Project » Mistune » Version: 0.7.3

cpe:2.3:a:mistune_project:mistune:0.7.3
Mistune Project » Mistune » Version: 0.7.4

cpe:2.3:a:mistune_project:mistune:0.7.4
Mistune Project » Mistune » Version: 0.8

cpe:2.3:a:mistune_project:mistune:0.8
Mistune Project » Mistune » Version: 0.8.1

cpe:2.3:a:mistune_project:mistune:0.8.1
Mistune Project » Mistune » Version: 0.8.2

cpe:2.3:a:mistune_project:mistune:0.8.2
Mistune Project » Mistune » Version: 0.8.3

cpe:2.3:a:mistune_project:mistune:0.8.3
Mistune Project » Mistune » Version: 0.8.4

cpe:2.3:a:mistune_project:mistune:0.8.4
Mistune Project » Mistune » Version: 2.0.0

cpe:2.3:a:mistune_project:mistune:2.0.0
Mistune Project » Mistune » Version: 2.0.1

cpe:2.3:a:mistune_project:mistune:2.0.1
Mistune Project » Mistune » Version: 2.0.2

cpe:2.3:a:mistune_project:mistune:2.0.2
Mistune Project » Mistune » Version: 2.0.3

cpe:2.3:a:mistune_project:mistune:2.0.3
Mistune Project » Mistune » Version: 2.0.4

cpe:2.3:a:mistune_project:mistune:2.0.4
Mistune Project » Mistune » Version: 2.0.5

cpe:2.3:a:mistune_project:mistune:2.0.5
Mistune Project » Mistune » Version: 3.0.0

cpe:2.3:a:mistune_project:mistune:3.0.0
Mistune Project » Mistune » Version: 3.0.1

cpe:2.3:a:mistune_project:mistune:3.0.1
Mistune Project » Mistune » Version: 3.0.2

cpe:2.3:a:mistune_project:mistune:3.0.2
Mistune Project » Mistune » Version: 3.1.0

cpe:2.3:a:mistune_project:mistune:3.1.0
Mistune Project » Mistune » Version: 3.1.1

cpe:2.3:a:mistune_project:mistune:3.1.1
Mistune Project » Mistune » Version: 3.1.2

cpe:2.3:a:mistune_project:mistune:3.1.2
Mistune Project » Mistune » Version: 3.1.3

cpe:2.3:a:mistune_project:mistune:3.1.3
Mistune Project » Mistune » Version: 3.1.4

cpe:2.3:a:mistune_project:mistune:3.1.4
Mistune Project » Mistune » Version: 3.2.0

cpe:2.3:a:mistune_project:mistune:3.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-44708

Products

Pricing

Contact Us