CVE-2026-59929
Received Received - Intake

Mistune Markdown Parser URL Scheme Bypass Vulnerability

Vulnerability report for CVE-2026-59929, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: GitHub, Inc.

Description

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safe_url filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk:, and res: to reach rendered href and src attributes and potentially execute script in affected user agents. This issue is fixed in version 3.3.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-09
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
lepture mistune to 3.3.0 (exc)
lepture mistune 3.3.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-184 The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The vulnerability in Mistune, a Python Markdown parser, arises from an incomplete filtering of unsafe URL schemes in its safe_url filter before version 3.3.0. While it blocks common harmful schemes like javascript:, vbscript:, file:, and data:, it fails to block several legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk:, and res:. These schemes can be used to bypass the filter and inject malicious scripts into href and src attributes in rendered HTML.

This allows attackers to craft malicious markdown links that, when rendered, can execute JavaScript in affected user agents that still honor these legacy schemes, potentially leading to cross-site scripting (XSS) attacks.

Impact Analysis

This vulnerability can lead to cross-site scripting (XSS) attacks if an attacker is able to inject malicious markdown content that uses unsafe URL schemes to execute JavaScript in the context of the victim's browser or environment.

The impact includes potential theft of cookies, session tokens, or other sensitive information, as well as unauthorized actions performed on behalf of the victim within the affected application.

The risk is higher in environments using legacy browsers, older versions of Internet Explorer or Edge Legacy, or custom protocol handlers that honor these unsafe schemes.

Detection Guidance

This vulnerability can be detected by inspecting rendered HTML output from applications using the mistune library versions prior to 3.3.0 for unsafe URL schemes in href or src attributes.

Specifically, look for URLs using legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk:, and res: that are not properly blocked and may lead to script execution.

You can use commands to search for these patterns in your rendered HTML or markdown source files. For example, using grep on Linux systems:

  • grep -E -i 'href="(feed:|view-source:|jar:|livescript:|mocha:|ms-its:|mk:|res:)' path/to/rendered/html/files
  • grep -E -i 'src="(feed:|view-source:|jar:|livescript:|mocha:|ms-its:|mk:|res:)' path/to/rendered/html/files

Additionally, review markdown input that may contain links using these schemes before rendering.

Mitigation Strategies

The immediate mitigation step is to upgrade the mistune library to version 3.3.0 or later, where the vulnerability is fixed by properly blocking unsafe URL schemes.

If upgrading is not immediately possible, consider implementing an allowlist of safe URL schemes (such as http:, https:, mailto:, tel:, ftp:) in your application to filter or sanitize markdown input before rendering.

Avoid rendering markdown content from untrusted sources without validation, as the vulnerability allows execution of JavaScript via legacy URL schemes in affected user agents.

Compliance Impact

The vulnerability in Mistune allows potentially malicious scripts to execute in affected user agents by bypassing URL scheme filtering. This can lead to cross-site scripting (XSS) attacks, which may result in unauthorized access to user data or session information.

Such unauthorized data access or leakage could impact compliance with data protection regulations like GDPR or HIPAA, which require safeguarding personal and sensitive information against unauthorized access or disclosure.

Specifically, if an application using Mistune processes attacker-controlled markdown and renders it without proper URL scheme restrictions, it could expose users to script execution that compromises confidentiality and integrity of data, thus potentially violating these regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-59929. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart