CVE-2026-12888 - HTML injection in the Canarytoken Google Chat notification
CVE ID :CVE-2026-12888
Published : June 22, 2026, 1:05 p.m. | 2 hours, 34 minutes ago
Description :An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90 before sha-8ab4dccd, from Git commit 4aef1db90 before 8ab4dccd.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 22, 2026, 1:05 p.m. | 2 hours, 34 minutes ago
Description :An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90 before sha-8ab4dccd, from Git commit 4aef1db90 before 8ab4dccd.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...