CVE-2026-40186 | apostrophe up to 4.28.x cross site scripting (GHSA-9mrh-v2v3-xpfm)

April 16, 2026 Yanac

A vulnerability has been found in apostrophe up to 4.28.x and classified as problematic. This affects an unknown part. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-40186. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2026-40179 | Prometheus up to 3.5.1/3.11.1 label_replace label cross site scripting (GHSA-vffh-x6r8-xx99)
CVE-2026-22676 | Barracuda RMM up to 2025.2.1 permission assignment