CVE-2026-44708 - Vulnerability Details

- Mistune Math Plugin XSS Escape Bypass

Description

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math ($...$) and block math ($$...$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is explicitly created with escape=True, which is supposed to guarantee that all user-controlled text is sanitised before reaching the DOM. This vulnerability is fixed in 3.2.1.

Published: 2026-05-26

Score: 6.1 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

Mistune, a Python Markdown parser, includes a math plugin that, before version 3.2.1, inserted user‑supplied math expressions ($…$ and $$…$$) directly into the generated HTML without escaping. Even when the parser is told to escape content, the math plugin bypasses this protection, allowing an attacker to inject arbitrary HTML or script payloads that will be rendered in the victim browser. This flaw represents a classic Cross‑Site Scripting vulnerability (CWE‑79) that permits malicious code execution within the user’s browser context.

Affected Systems

The issue affects the Mistune math plugin in all releases prior to 3.2.1 from the lepture:mistune project. Any application that parses untrusted Markdown with this plugin before the upgrade is vulnerable.

Risk and Exploitability

The vulnerability carries a CVSS score of 6.1, indicating moderate severity. No EPSS score is available, and the flaw is not listed in the CISA KEV catalog. The attack vector is inferred to be remote: an attacker can supply crafted Markdown to a web application that renders it with Mistune, causing malicious scripts to execute in the context of the application’s users. Because the flaw relies solely on input handling, no privileged access or additional prerequisites are required.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

lepture

mistune

affected

Version	Status	Constraints
`< 3.2.1`	affected	—

Configuration 1 [-]

cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Lepture

Mistune

100%

Version	Status	Scheme	Platform
`[0,3.2.1)`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Mistune to version 3.2.1 or later, ensuring the math plugin is updated
If the application must continue using older Mistune, disable the math plugin or remove math support from the rendering pipeline
Validate or escape user input before passing it to Mistune when the math plugin cannot be disabled

Generated by OpenCVE AI on May 26, 2026 at 22:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-8g87-j6q8-g93x	Mistune Math Plugin has an XSS Escape Bypass

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00198.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/lepture/mistune/releases/tag/v3.2.1
https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x

History

Thu, 28 May 2026 13:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mistune Project Mistune Project mistune
CPEs		cpe:2.3:a:mistune_project:mistune::::::::
Vendors & Products		Mistune Project Mistune Project mistune

Wed, 27 May 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 26 May 2026 23:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lepture Lepture mistune
Vendors & Products		Lepture Lepture mistune

Tue, 26 May 2026 21:15:00 +0000

Type	Values Removed	Values Added
Description		Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the mistune math plugin renders inline math ($...$) and block math ($$...$$) by concatenating the raw user-supplied content directly into the HTML output without any HTML escaping. This occurs even when the parser is explicitly created with escape=True, which is supposed to guarantee that all user-controlled text is sanitised before reaching the DOM. This vulnerability is fixed in 3.2.1.
Title		Mistune Math Plugin XSS Escape Bypass
Weaknesses		CWE-79
References		https://github.com/lepture/mistune/releases/tag/v3.2.1 https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}`

Subscriptions

Lepture Mistune

Mistune Project Mistune

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-05-26T20:39:18.990Z

Updated: 2026-05-27T14:14:26.074Z

Reserved: 2026-05-07T17:07:09.318Z

Link: CVE-2026-44708

Vulnrichment

Updated: 2026-05-27T14:13:53.702Z

NVD

Status : Analyzed

Published: 2026-05-26T21:16:38.527

Modified: 2026-05-28T13:44:30.730

Link: CVE-2026-44708

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T23:45:05Z

Weaknesses

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object