Vulnerabilities

Report: CVE-2026-27136 - Invoking duplicate attributes can cause XSS in golang.org/x/net/html

2026-05-22 0 views admin

CVE ID :CVE-2026-27136 Published : May 22, 2026, 3:01 p.m. | 2 hours, 30 minutes ago Description :Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-27136

Published

May 22, 2026

Impact: XSS

🏷️ Tags

report27136invokingduplicateattributescausegolangpublishedcvexss

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-27136 - Invoking duplicate attributes can cause XSS in golang.org/x/net/html

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-39964 - TypeBot: Stored XSS via javascript: URI in text bubble links — bot author execut

Report: CVE-2026-39965 - TypeBot: SSRF via Open Redirect Bypass in HTTP Request and Code Blocks - 2025 Update

Report: CVE-2026-39970 - TypeBot: Stored Cross-Site Scripting (XSS) via SVG File Upload On Profile Pictur

Report: CVE-2026-9291 - Insecure Deserialization in Amazon Braket SDK Job Results Processing

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting