LOW
Thinkst Applied Research
CVE published 2026-06-10
CVE-2026-11859
CVE-2026-11859 is an HTML injection vulnerability in the 'fetch links' email sent by Thinkst Applied Research Canarytokens. This issue enables Interface Manipulation and Cross-Site Scripting (XSS) in email clients that render HTML emails. The vulnerability affects Canarytokens from Docker tag sha-c0f3cf142 before sha-08c3f93d and from Git commit c0f3cf142 before 08c3f93d. The CVSS score for this vulnerabi [truncated]