CVE-2026-38949 | HTMLy 3.1.1 /add/content?type=image cross site scripting

April 28, 2026 Yanac

A vulnerability, which was classified as problematic, has been found in HTMLy 3.1.1. Affected by this vulnerability is an unknown functionality of the file /add/content?type=image. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-38949. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More

You can get dragged into a police investigation by proximity alone — for now
CVE-2026-5794 | Ercom Cryptobox up to 4.37.x/4.40.175 multiple resources with duplicate identifier