Html/template
This hub aggregates every CVE we track for Html/template, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
11
CVEs tracked
2
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM7HIGH2CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
2
0
0
2024-082026-07
Latest CVEs
The 11 most recently published vulnerabilities affecting Html/template.
- CVE-2026-39826Escaper bypass leads to XSS in html/template6.1
- CVE-2026-39823Bypass of meta content URL escaping causes XSS in html/template6.1
- CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1
- CVE-2026-27142URLs in meta content attribute actions are not escaped in html/template6.1
- CVE-2024-24785Errors returned from JSON marshaling may break template escaping in html/template5.4
- CVE-2023-39319Improper handling of special tags within script contexts in html/template6.1
- CVE-2023-39318Improper handling of HTML-like comments in script contexts in html/template6.1
- CVE-2023-24539Improper sanitization of CSS values in html/template7.3
- CVE-2023-24540Improper handling of JavaScript whitespace in html/template9.8
- CVE-2023-29400Improper handling of empty HTML attributes in html/template7.3
- CVE-2023-24538Backticks not treated as string delimiters in html/template9.8
Product normalization is registry-driven with AI assist and human review. How it works