{
  "threat_severity" : "Moderate",
  "public_date" : "2026-04-21T19:51:53Z",
  "bugzilla" : {
    "description" : "github.com/gomarkdown/markdown: github.com/gomarkdown/markdown: Denial of Service via malformed Markdown input",
    "id" : "2460245",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2460245"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-1286",
  "details" : [ "The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering it as HTML. Processing, with a SmartypantsRenderer, malformed input containing a < character that is not followed by a > character anywhere in the remaining text will lead to an out-of-bounds read or a panic. This vulnerability is fixed with commit 759bbc3e32073c3bc4e25969c132fc520eda2778.", "A flaw was found in github.com/gomarkdown/markdown, a Go library for parsing Markdown text and rendering as HTML. A remote attacker could exploit this vulnerability by providing a specially crafted malformed input. Specifically, input containing a '<' character not followed by a '>' character, when processed by the SmartypantsRenderer, can lead to an out-of-bounds read or a panic. This can result in a denial of service (DoS) for the application, making it unavailable to legitimate users." ],
  "statement" : "This is an Important denial of service flaw affecting Red Hat products that utilize the `github.com/gomarkdown/markdown` library. The vulnerability occurs when the `SmartypantsRenderer` processes specially crafted malformed Markdown input containing an unclosed '<' character, leading to an out-of-bounds read or application panic. Successful exploitation may render the application using the library unavailable.",
  "affected_release" : [ {
    "product_name" : "Multicluster Global Hub 1.4.5",
    "release_date" : "2026-06-01T00:00:00Z",
    "advisory" : "RHSA-2026:22347",
    "cpe" : "cpe:/a:redhat:multicluster_globalhub:1.4::el9",
    "package" : "multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779579439"
  }, {
    "product_name" : "Multicluster Global Hub 1.5.4",
    "release_date" : "2026-05-28T00:00:00Z",
    "advisory" : "RHSA-2026:21769",
    "cpe" : "cpe:/a:redhat:multicluster_globalhub:1.5::el9",
    "package" : "multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1778867753"
  }, {
    "product_name" : "Multicluster Global Hub 1.6.2",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:23345",
    "cpe" : "cpe:/a:redhat:multicluster_globalhub:1.6::el9",
    "package" : "multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1780167118"
  }, {
    "product_name" : "Multicluster Global Hub 1.7.1",
    "release_date" : "2026-06-08T00:00:00Z",
    "advisory" : "RHSA-2026:24503",
    "cpe" : "cpe:/a:redhat:multicluster_globalhub:1.7::el9",
    "package" : "multicluster-globalhub/multicluster-globalhub-grafana-rhel9:1779925273"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.15",
    "release_date" : "2026-06-08T00:00:00Z",
    "advisory" : "RHSA-2026:24539",
    "cpe" : "cpe:/a:redhat:acm:2.15::el9",
    "package" : "rhacm2/acm-grafana-rhel9:1780677003"
  } ],
  "package_state" : [ {
    "product_name" : "Kube Descheduler Operator",
    "fix_state" : "Not affected",
    "package_name" : "kube-descheduler-operator/descheduler-rhel9",
    "cpe" : "cpe:/a:redhat:kube_descheduler_operator:4"
  }, {
    "product_name" : "Kube Descheduler Operator",
    "fix_state" : "Not affected",
    "package_name" : "kube-descheduler-operator/descheduler-rhel9",
    "cpe" : "cpe:/a:redhat:kube_descheduler_operator:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-40890\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-40890\nhttps://github.com/gomarkdown/markdown/commit/759bbc3e32073c3bc4e25969c132fc520eda2778\nhttps://github.com/gomarkdown/markdown/security/advisories/GHSA-77fj-vx54-gvh7" ],
  "name" : "CVE-2026-40890",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}