Hackage Server
Sign in to watchby RubyGems
CVEs (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-40472 | Cri | 0.64 | 9.9 | 0.00 | Apr 23, 2026 | In hackage-server, user-controlled metadata from .cabal files are rendered into HTML href attributes without proper sanitization, enabling stored Cross-Site Scripting (XSS) attacks. |