VYPR
Published Jul 9, 2026· Updated Jul 10, 2026· 1 source

Mistune Project: Nine Vulnerabilities Including DoS and XSS Disclosed Together

Key findings • Nine vulnerabilities in Mistune patched in version 3.3.0, disclosed on July 9, 2026. • Flaws include denial-of-service via quadratic complexity in parsing and recursive include…

Key findings

  • Nine vulnerabilities in Mistune patched in version 3.3.0, disclosed on July 9, 2026.
  • Flaws include denial-of-service via quadratic complexity in parsing and recursive includes.
  • URL filtering bypasses and arbitrary file access vulnerabilities were identified.
  • Cross-site scripting (XSS) is possible through improper attribute handling and unsafe URL rendering.
  • Issues with TOC generation and reference-link definitions also disclosed.

On July 9, 2026, a batch of nine vulnerabilities was disclosed in Mistune, a Python Markdown parser developed by the Mistune Project. All nine issues have been fixed in version 3.3.0. The vulnerabilities, detailed by Debian and covered by Vypr Intelligence, span several categories including denial-of-service (DoS) through quadratic complexity, cross-site scripting (XSS), and arbitrary file access.

Several vulnerabilities stem from inefficient parsing mechanisms that can lead to DoS conditions. CVE-2026-59922 and CVE-2026-59925 describe how specific marker pairs or long emphasis sequences can cause quadratic work in the parser, exhausting CPU resources. Similarly, CVE-2026-59928 details how a large number of reference-link definitions can lead to quadratic work in block parsing and reference link handling, also resulting in DoS.

Security issues related to URL handling and file access were also prominent. CVE-2026-59929 and CVE-2026-59923 highlight bypasses in the safe_url filter, allowing malicious schemes like feed: or percent-encoded javascript: URIs to be rendered, potentially leading to script execution. CVE-2026-59924 describes an arbitrary file access vulnerability where crafted include paths can escape the intended directory due to improper path normalization in the Include directive.

Cross-site scripting (XSS) is a risk introduced by CVE-2026-59926, where the render_admonition function concatenates the :class: option into the HTML class attribute without proper escaping, enabling attribute injection. Another issue, CVE-2026-59930, affects the Table of Contents (TOC) plugin and directive. It generates predictable toc_N IDs without slugifying heading text, allowing an attacker to inject id="toc_N" content to hijack same-page navigation. Finally, CVE-2026-59927 points to an unbounded recursion vulnerability in the Include directive's handling of indirect self-includes, which can crash the application.

All nine vulnerabilities were addressed in Mistune version 3.3.0. Users are strongly advised to update to this version to mitigate the risks associated with DoS, XSS, arbitrary file access, and navigation hijacking. The coordinated disclosure of these issues highlights the importance of thorough security reviews in widely used parsing libraries.

The batch of vulnerabilities was disclosed on July 9, 2026. All affected versions are prior to 3.3.0. The fix was released in version 3.3.0.

CVE-2026-59922, CVE-2026-59925, and CVE-2026-59928 detail denial-of-service vulnerabilities due to quadratic complexity in parsing. CVE-2026-59929 and CVE-2026-59923 involve bypasses in URL filtering, enabling script execution. CVE-2026-59924 allows arbitrary file access through crafted include paths. CVE-2026-59926 presents a cross-site scripting (XSS) risk due to improper attribute handling. CVE-2026-59930 enables same-page navigation hijacking via predictable TOC IDs. CVE-2026-59927 can lead to application crashes through unbounded recursion in include directives.

Synthesized by Vypr AI