VYPR

Goldmark

by Yuin

Source repositories

CVEs (1)

  • CVE-2026-5160MedApr 15, 2026
    risk 0.33cvss 6.1epss 0.00

    Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check (IsDangerousURL) before…