Unrated severityNVD Advisory· Published Jun 24, 2026· Updated Jun 24, 2026
Stored Cross-Site Scripting in Canarytokens.org
CVE-2026-13140
Description
Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens.
Anonymous exploitation requires knowledge of a random identifier.
This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.