Known Vulnerabilities for Lol-html by Cloudflare
Listed below are 1 of the newest known vulnerabilities associated with "Lol-html" by "Cloudflare".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-62948 json | OpenWrt is a Linux operating system targeting embedded devices. Prior to 25.12.5, odhcpd writes a DHCPv6 client FQDN option 3... | Not Provided | 2026-07-15 | 2026-07-15 |
| CVE-2026-62643 json | In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, insufficient Cascading Style Sheets (CSS) sanitization in HTML e-m... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-62378 json | RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Consol... | Not Provided | 2026-07-15 | 2026-07-16 |
| CVE-2026-61876 json | LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network att... | Not Provided | 2026-07-12 | 2026-07-14 |
| CVE-2026-61875 json | luci-app-upnp contains a stored cross-site scripting vulnerability that allows unauthenticated LAN clients to inject JavaScri... | Not Provided | 2026-07-12 | 2026-07-13 |
| CVE-2026-61501 json | Rejetto HFS 3.0.0 through 3.2.0 renders log entries in the administration panel as HTML without sanitization. A remote unauth... | Not Provided | 2026-07-13 | 2026-07-14 |
| CVE-2026-61448 json | Parse Server is affected by a stored cross-site scripting (XSS) vulnerability in versions >= 9.0.0, < 9.10.0-alpha.2 and <= 8... | Not Provided | 2026-07-11 | 2026-07-13 |
| CVE-2026-60119 json | Hi.Events before 1.11.0 contains a cross-site scripting vulnerability that allows authenticated attackers with event creation... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-60092 json | AVideo (Meet plugin) through commit e8d6119f3cb1b849149906efeb0a41fc024f59f8 contains a stored cross-site scripting vulnerabi... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59929 json | Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safe_url filter in src/mistune/renderers/... | Not Provided | 2026-07-08 | 2026-07-09 |