1
0
1
0
Vulnerability Timeline
1 vulnerabilities discovered over time for Commonmark
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-30838 | 5.1 | This vulnerability allows an attacker to inject malicious HTML, like a script tag, into applications that use a specific Markdown parser to handle user input, potentially leading to cross-site scripting (XSS) attacks. It can be exploited by cleverly inserting whitespace in disallowed HTML tags, and it affects any application relying on the parser's built-in sanitization without additional protections. | thephpleaguecommonmark | Exploit Available | about 1 month agoMar 7, 2026 |
About Thephpleague Commonmark Security
This page provides comprehensive security vulnerability tracking for Thephpleague Commonmark. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Commonmark updated to the latest version
- • Subscribe to security advisories from Thephpleague
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately