VYPR

PMD

by Pmd

CVEs (1)

  • CVE-2026-28338Feb 27, 2026
    risk 0.00cvss epss 0.00

    PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's `vbhtml` and `yahtml` report formats insert rule violation messages into HTML output without escaping. When PMD analyzes untrusted source code containing crafted string literals, the…