CVE-2026-59930
Received Received - Intake

Mistune toc Plugin Predictable Heading ID Vulnerability

Vulnerability report for CVE-2026-59930, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: GitHub, Inc.

Description

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled id="toc_N" content to collide with generated anchors and redirect same-page navigation, CSS selectors, or JavaScript handlers. This issue is fixed in version 3.3.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-09
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
lepture mistune to 3.3.0 (exc)
lepture mistune 3.3.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-345 The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
CWE-1284 The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-59930 is a vulnerability in the Mistune Python Markdown parser, specifically in its TableOfContents (TOC) directive and toc plugin before version 3.3.0.

The issue is that the TOC generates heading IDs as predictable sequential values like toc_1, toc_2, etc., without using the heading text to create unique or slugified IDs.

Because these IDs are predictable, an attacker can inject HTML content with matching IDs (e.g., id="toc_1") that collide with the generated anchors.

This collision can cause navigation hijacking, interfere with CSS selectors or JavaScript handlers, and break same-page navigation links.

The vulnerability does not lead to cross-site scripting (XSS) or remote code execution (RCE), but it can affect user interaction and integrity of navigation.

Compliance Impact

The vulnerability in Mistune allows attacker-controlled content to collide with generated heading IDs, enabling navigation hijacking or manipulation of CSS/JavaScript handlers. This can affect the integrity of user interactions on affected applications.

However, the vulnerability does not directly lead to data breaches, unauthorized data access, or exposure of personal data, which are primary concerns in standards like GDPR or HIPAA.

Therefore, while this issue may impact the integrity and reliability of user interface navigation, it does not directly compromise compliance with data protection regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability can impact you by allowing an attacker to hijack same-page navigation within documents rendered by Mistune's TOC plugin.

Specifically, an attacker can inject HTML elements with IDs that collide with the predictable TOC IDs, causing navigation links to redirect to attacker-controlled content.

It can also disrupt CSS selectors or JavaScript handlers that rely on these IDs, potentially breaking page functionality or user interface behavior.

While it does not allow direct code execution or data theft, it can degrade the integrity of user navigation and interaction, which might confuse or mislead users.

Detection Guidance

This vulnerability can be detected by checking if the Mistune package version in use is 3.2.1 or earlier, as these versions generate predictable heading IDs (e.g., toc_1, toc_2) without slugifying the heading text.

To detect exploitation attempts on your system or network, you can look for HTML content or requests containing id attributes with values like "toc_1", "toc_2", etc., which may indicate attempts to collide with generated anchors.

Suggested commands include searching your codebase or generated HTML for these predictable IDs:

  • grep -r 'id="toc_' /path/to/your/html_or_source_files
  • grep -r 'toc_' /path/to/your/project | grep heading_id

Additionally, verify the Mistune package version installed:

  • pip show mistune
  • pip freeze | grep mistune
Mitigation Strategies

The immediate mitigation step is to upgrade the Mistune package to version 3.3.0 or later, where the vulnerability is fixed by generating slug-based heading IDs and handling collisions properly.

If upgrading is not immediately possible, consider implementing a custom heading_id callback that slugifies heading text to avoid predictable IDs.

Also, review and sanitize any user-controlled HTML content to prevent injection of conflicting id attributes like "toc_N".

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-59930. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart