CVE-2026-10729EPSS p10.4%

CVE-2026-10729CVE-2026-10729

Description

An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in emails clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c42435e before sha-bfda4df, from Git commit c42435e before bfda4df.

Scoring

EPSS0.20% probability of exploitation · percentile 10.4% · 2026-06-18T12:00:27Z
Last modified2026-06-04

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-11859
CVE
CVE-2026-9646
CVE
CVE-2026-22918
CVE
CVE-2026-34033
CVE
CVE-2025-70948
CVE
CVE-2026-35466
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.